ID Theft Part 1

posted on
ID Theft Part 1

There are many forms of identity theft ranging from the simple theft and illegal use of credit card numbers to sophisticated web spoofing schemes that steal information from users by logging keystrokes.

In this article, I will cover some of the most common simple schemes, and I'll offer some prevention and protection tips that might help you to avoid becoming a victim. In future articles I will go over more sophisticated schemes that can be far more damaging, yet are generally more preventable.

Common Simple Schemes

You're at a restaurant, you have a meal...maybe it wasn't so good, and maybe the service was lousy, too, prompting you to leave a smaller tip. Or maybe everything was stupendous, and you leave a fantastic tip. It really doesn't matter, because when you hand over your credit card to your server, unless the transaction is run within your view (hidden card scanners notwithstanding), you and your identity are making an assumption based upon trust - namely, that your server will not steal from you, whatever the motivation.

Your trust is generally well-founded. After all, most servers are trying to make an honest living like the rest of us. But not this time. This time around, the server takes your credit card and decides to double charge you while skimming the overage from the cash drawer for him or herself - judging by that big tip you just left, you'll never miss the cash. Or perhaps the server decides that your tip is not enough and runs a little extra on your card. Maybe your server decides to take the card number to use at a later time for a fantastic one-of-a-kind shopping spree.

Weeks later, you receive your credit card statement. You may not notice the tip increase or even remember the amount of the original tip. You might notice the double-charged meal, and you will almost certainly note the one-of-a-kind shopping extravaganza. Even worse, you may not be looking at your credit card statement. You might be looking at your bank statement, along with a long list of overdraft fees for insufficient funds, because you paid with your debit card: the thief's purchases were directly linked to your bank account.

Protection Tips

Though the above scenario is among the simplest forms of identity theft, it is also among the more difficult types to prevent. After all, unless you only eat at restaurants where you are able to observe card transactions, it is virtually impossible to ensure that your transactions are 100% safe. Phone, online, and internet purchases fall within the same realm, the primary difference being that the criminals who steal your credit card numbers via phone or online are effectively anonymous. Though prevention is more difficult in these cases, there are some steps you can take to protect yourself and/or mitigate the damage, whether at a restaurant, over the phone, or online:

  • Credit Card versus Debit Card.  In any environment where you cannot observe the handling of your card, whether that is in a restaurant, on the phone, or online, consider using a credit card instead of a debit card. Even though most debit cards are insured identically to credit cards against theft and abuse, the hassle factor and hours spent trying to recover from the fallout caused by a stolen debit card can be overwhelming. If your bank account has been emptied, consider that you are the one who has to call your creditors, make re-payments, front the costs of some penalties and late fees (even if they eventually get reimbursed), and endure the general embarrassment of having to explain why you're not really a dead-beat just because your checks bounced. Making a single call to cancel a credit card is much simpler.

  • Cards with a Purpose.  It is a good idea to have a credit card specifically designated for transactions that cannot be directly observed. Designating credit cards for specific purposes and transactions, such as online purchases, provides you the benefit of knowing how/where your card may have been compromised and provides some security in that you'll still be able to use your other cards without worrying whether or not they have been compromised. Notable exceptions to this rule would be online bill payments with trusted sources (e.g. utilities, insurance, mortgage, etc.) where they require debit cards or direct bank account withdrawals. Nevertheless, you should monitor even trusted sources regularly. It is not unheard of for large organizations to be hacked - just ask Microsoft, Apple, Sony, Facebook, Twitter, The New York Times, the VA, and thousands of other organizations.

  • Fraud Prevention and Account Alerts.  Most banks and credit card institutions offer account alerts and other fraud prevention tools, and they usually offer them for free. Using these tools is probably the best way to control the damage once a card has been compromised. With most major institutions, you can set up email alerts for any purchases made over a certain amount in any given day. You can also impose daily purchase limits to restrict how much can be spent on a card each day. Many institutions offer services to monitor your cards for unusual activity, as well. Take advantage of all of these services.

  • Vigilance.  It may sound cliché, but vigilance is one of the best ways to protect yourself against all forms of identity theft. Many would be surprised at the frequency that they have been charged or overcharged for something for which they still remain unaware. In recent years, I have personally seen double charges and over charges from restaurants, cell phone companies, barbershops, online stores, and other establishments with disturbing frequency. In most cases, the errors could be chalked up to human error or they might be fraud - the nature of the transactions make it difficult differentiate. Regardless of the motive, the net result is the same: if you don't catch the charge, you're paying without the benefit of receiving anything in return.

Even Gooder (More Simplistic Yet Effective Schemes)

There are endless numbers of simple schemes, but there are some that tend to be more effective than others, though they are generally more preventable than the first scenario.

Consider these:

Smash and Grab

During the process of writing this article, one of my colleagues showed me a picture of his late model vehicle with its window smashed in. His wife had left her purse in the vehicle while making a quick stop …just an in and out errand. She had even attempted to conceal her purse so as not to be visible to random passers-by. Unfortunately, someone was watching, and in just the four or five minutes that she was inside, the thief managed to smash the window and grab her purse from behind the seat. By the time she got back, there was no sign of the perpetrator, but her purse was gone and several hundred dollars of damage had been inflicted upon the vehicle.

This sort of identity theft can be among the worst because the consequences from the information obtained by the criminal can follow the victim for a very long time. I say it "can" be among the worst because most criminals that smash into cars are not usually savvy enough to fully exploit their plunder. Nevertheless, the fact that the possibility exists for extreme harm means that you have to deal with these types of situations with extreme caution and vigilance. Not only does the criminal have direct access to any cash and credit cards that were in the purse, posing an immediate threat, but an enterprising criminal can use what is in the purse to much more devastating effect over the weeks and months to come.

Aside from the obvious threat of burglary by virtue of knowing a person’s name and address, there is a lot of information that might be used. Consider that the license has her name, address, and date of birth. What about her Social Security card? Many people carry them. That information alone will allow the thief to apply for credit cards, loans, file false tax returns, purchase goods on credit from local stores, and the list goes on. Was there a checkbook? If so, aside from the obvious threat of writing checks directly out of the check book, the thief now has a bank account and routing number to exploit. If the crook happens to be somewhat sophisticated (unlikely but possible), he could go so far as to print his own checks while using her account information. It would only take a laser printer with a special printing resin to do so; it may not be common knowledge for the average criminal, but it’s not exactly a secret, either.

Smashing Prevention

Because of the potential of what can happen in a crime such as this in a worst case scenario where all of the information is harvested, I will, for now, cover only the prevention aspect. From personal experience, I can tell you that the process of unraveling extreme forms of identity theft can be involved. Indeed, they require an entire article unto themselves to go over the various steps you’ll need to take to undo the harm of full-blown identity theft and to further protect yourself from future damage to your credit and finances.

Some crimes are opportunistic. Some are not. It doesn’t matter. If a crook sees a woman get out of a car, and she’s not carrying a purse, there’s a pretty fair chance that her purse is in the car. Whether or not the purse is hidden becomes a moot point in such a scenario, because most criminals will likely figure this out. Fortunately, prevention in this case is 100% effective. Simply put, don’t leave your purse, wallet, phone, laptop, iPad or any other item of value unattended in your car or elsewhere in a public area. Understand that experienced criminals can perform a smash and grab within a minute or two - less time than it takes you to walk from your parked car to the door of your local Walmart. There is no window of time that is safe for your valuables in your car (including your kids!) if you are not physically with them.

Mailing it Home

When you mail out your bill payments, do you place the mail in your mailbox and put the flag up? What about when you fill out a credit application that you received in the mail? How about your tax return? Well, guess what? When you put that flag up, it doesn't require special "Mail Carrier Vision" to see. In reality, that little flag is a burning, bright beacon set to attract any identity thief who might happen to be nearby. Incoming mail can be at risk, too, though you can purchase USPS secure mailboxes to protect that.

This sort of identity theft is often more calculated than the other types mentioned in this article, because the thieves may observe a house for a period of time to figure out when mail delivery occurs, what time people are home, and determine the best times to stop by unnoticed. They may then frequent your mailbox over time to selectively choose items (tax season might net a juicy little check for them) or to simply steal your outgoing checks, credit applications and other personal information.

Preventing the Attraction

Again, this is one in which prevention is 100% effective. For those of you who receive mail at home that might put you at risk for theft, such as money or sensitive information, you can purchase USPS-approved secure mailboxes - these are mailboxes that enable the mail carrier to drop off your mail through a slot and for which you have a key to retrieve the mail - the carrier does not have a key and will not deal with locks directly for home mailboxes.

For outgoing mail, you simply shouldn't put checks or other personal information into your unsecure mailbox. Designate days for which you will stop by a nearby secure USPS mailbox or post office to drop off bill payments and anything containing personal data that might put you at risk. It may sound like a hassle, but setting such a routine is nowhere near the hassle of having to deal with creditors, banks, and lenders who are calling to collect on loans you've never taken out. They don't care if you've had your identity stolen, and they will continue to hound you no matter what you tell them. They just want their money, and they don't care who they get it from.

It's also a *big* hassle when the IRS rejects your tax return because some criminal filed a false tax return in your name. It's even more of a hassle when you have to go to the police station to get a police report to send with an affidavit to the IRS all to declare that you didn't file the first tax return. A year later, when the IRS is still sending you nasty notices about incorrectly filing the first tax return as a single person, telling you that they are getting ready to take action, even though you've already established to them that the first return was fraudulent, it is a *really really really big* hassle. Of course the biggest hassle of all is finding out that no law enforcement agency will actually investigate the fraud while you're left to your own devices to muddle through the mess, and you're on your own in any efforts to prevent further abuse.

Trust me. Stopping by the postoffice once or twice a week isn't really much of a hassle at all.

Conclusion...Sort Of...

To sum it up, it is a good idea to use credit cards for unobserved transactions such as restaurants, online purchases, and phone purchases. It is also useful to separate your credit cards out for specific purposes so that if one gets compromised, you can identify the source and feel secure in the knowledge that you've compartmentalized the damage. When you have to use your debit card online for certain kinds of trusted services, be watchful, and check your statements frequently. Use the spending and fraud alert services offered by your banking and credit card institutions. Be vigilant.

Avoid leaving valuables unattended...anywhere...Don't give criminals an easy way to take your identity or your stuff.

Don't shine a spotlight on your personal information and hard-earned dollars - crooks are like moths, they'll be the first go into the light but not in a good way. Forget the little flag, and go to the post office or a secure mailbox to mail out personal information and payments.

Finally, as you probably gathered from my writing, I have some personal experience with identity theft; and no, not as the one committing it. Over the next couple of articles, I'll go into some more in depth and intricate schemes, and I'll relate to you some personal experiences, while offering additional steps that you can take both to help prevent it from happening to you and to protect yourself if you happen to be targeted.

If you found the article interesting, please feel free to Like it and/or share it with others.

Posted in: | Tags: | Comments (0) | View Count: (7525)
Comment function is not open