Corporate Identity Theft on the Rise

prostoalex writes "As millions of Americans lose their identities to online and offline thieves, a new kind of crime has been cooked up by the criminals who are not bothering with doing pesky credit card charges. They steal entire companies, opening up merchant accounts for existing businesses and running up charges from aforementioned stolen credit card numbers. What's worse, is that the hole the criminals exploit seems to be built into the system. According to Bob Sullivan from MSNBC, "Many of the processing firms interviewed for this article claimed they caught on to the fraud after the transactions had cleared, but before the suspects had withdrawn the money from various checking accounts around the country. One did concede, however, that the scheme has real potential.""

After the "intellectual" property

[mirko]

which does more for the corporations...
will the corporate identity do more for the intellec ?

Re:After the "intellectual" property

What?

Who the hell did this?

Credit cards etc, they're fine, but my /. UID, that's just sick

mirko

Re:After the "intellectual" property

What?

Who the hell did this?

Credit cards etc, they're fine, but my /. UID, that's just sick

Anonymous Coward

Hmmmmm.....

[FatherKabral]

I wonder if Microsoft accepts credit cards.....

Re:Hmmmmm.....

[Faustust]

I don't know if they have in the past, but I made sure that they do now!

*strolls off singing "I'm in the money..."*

Re:Hmmmmm.....

At first I thought this idea was funny, imagining the large soulsucking evil corporations getting ripped off even they are ripping everyone else off was a little humorous.

But it sound like in the real world, the targets are small companies, meaning it could be a mom & pop shop that is incorporated for legal reasons. Meaning that the victims of these crimes are mostly going to be small operators, and as the article notes, in the case of fraud, the credit card companies try to re-coup the funds from the merchant.

So that means in the case of successful fraud, the small business people are the ones who have to pay. This case is particularly evil because in every way it was through no fault of the victimized business itself. They shouldn't be required to pay.

So it seems to me that the whole problem is poor identity verification. The merchant account brokers that process the transactions and the banks themselves apparently don't lose any money on fraud, instead it's business as usual and they get their cut. I know it's not an easy problem to solve, given how cavalier people are towards their personal details and information security.

If the banks were the ones who had to swollow the loss on fraudulent transactions I bet there would be some rapid advancements in secure transactions. I know that wouldn't solve the problem in the case of a merchant that misbehaves or doesn't care about fraud if they can pass the loss off somewhere else. But clearly more needs to be done.

I think a good start would be enacting and enforcing stricter privacy laws.

They steal entire companies!

Is that a company in your pocket, or are you just happy to see me?

surely you can come up with better stories

Identity theft is a serious crime, but honestly, this is just a new wrinkle. With everything out there cant you do btter than this??

Re:surely you can come up with better stories

Surely you can dare to post logged-in... ;)

This happened to the TV show punk'd

[Fr05t]

Ashton was quoted saying, "Dude where's my company."

Re:This happened to the TV show punk'd

[slashdot_punk]

Maybe now the credit theft problem will be fixed....

You guys realize... TransUnion, Experian, Equifax are companies. i.e. vulnerable. :)

seems it would be

[Prince+Vegeta+SSJ4]

just as easy, and potentially more profitable.

All you would need is a legit FEIN, and real or forged Articles of Formation. Maybe an operating agreement. Open a bank account and VOILA!

Re:seems it would be

[robogun]

I'm not so sure it would be as easy as mentioned in the article. Banks pay VERY CLOSE attention to new merchant accounts. In this case there would be a discrepancy between the company's Dun & Bradstreet, and what the income the scammers stated would be anticipated from the cards.
Such a brand-new account suddenly receiving tens of thousands in a few days (the only way the scam would be worth it) followed by a quick attempt to transfer those funds would trigger an investigation and have the funds held. Banks DO NOT like to lose this kind of money, and a merchant account provider which made it this easy for scammers would find its balls permanently cut off by VISA and MasterCard.

Re:seems it would be

[robogun]

I agree, but the article is talking about merchant account fraud (where companies go to a special type of bank account to accept credit card payments). Unlike personal credit card accounts, this process is vetted at all levels. Like you said, fraud at cardholder level is unlikely to provoke a useful response. But this article is talking about fraud at the level of the credit card acceptor - a much higher level. I was suggesting that the merchant bank who provides this service to these companies is risking its entire ability to open merchant accounts -- that VISA and MasterCard would literally put it out of business if they felt they were being defrauded, since they're who pays for this type of fraud.

Re:seems it would be

[Colymbosathon+ecplec]

" just as easy, and potentially more profitable.

All you would need is a legit FEIN, and real or forged Articles of Formation. Maybe an operating agreement. Open a bank account and VOILA!"

Not anymore. I sometimes set up LLC's and corporations, and now you need photo ID and other documents to open a bank account. I will admit that there are workarounds, however.

Fraud != Theft

[Theseus192]

I hate it when the mass media call it "identify theft." If someone impersonates me, he's not taking away my identity, he's committing fraud.

Repeat after me... intangible and intellectual "property" cannot be "stolen." It can only be used in unauthorized ways.

Re:Fraud != Theft

Yeah... the slashdot blurb is just awful, complaining that people "lose their identity" to "thieves".

But really, a victim still has his or her identity. The problem is that someone else has it too!

Re:Fraud != Theft

[Orbital+Sander]

I hate it when the mass media call it "identify theft." If someone impersonates me, he's not taking away my identity, he's committing fraud.

If someone assumes your identity and racks up credit card charges in your name, you lose your credit rating and good standing. I have no problem calling that 'theft'.

Re:Fraud != Theft

[Rev+Wally]

I think if the term "Theft by unauthorized taking" differs from, say, "Grand theft auto", than there can be a legal deffinition of "theft" of intangible "property".

Re:Fraud != Theft

[Rolo+Tomasi]

Why stop there? Why not call it rape? 'Identity rape'. Has a nice ring to it.

Re:Fraud != Theft

[masoncooper]

I don't think you understand the definition of "theft".

They never stole your credit rating, they impersonated you and tarnished your reputation.
They fraudulently acquired goods which can probably be considered stealing from some merchant in the transactional process, but they did not steal that item from you.

Remember, a verb acts on a noun!

Re:Fraud != Theft

If someone impersonates me, he's not taking away my identity

Are you sure? If you don't get a loan because "you" have fucked up your credit rating, is it still your identity? If you get lots of people demanding money for things "you" have bought, is it still your identity? If you can't get on a plane because "you" have been acting suspiciously, buying components that can be used for explosives on your credit card, is it still your identity? Or has your identity been taken away and used by somebody else?

I'm one of the first to point out that copyright infringement isn't theft, even when people are referring to GPL violations, but I think t hat identity theft can quite legitimately be called theft. It's not like the impersonater is making a copy of your identity and damaging the copy, he's actually taking your identity from you.

Re:Fraud != Theft

[Tenebrious1]

I hate it when the mass media call it "identify theft." If someone impersonates me, he's not taking away my identity, he's committing fraud.

Stealing someone's identity is indeed fraud, not theft, that's true. However, using that fradulent identity to purchase goods falls under federal "theft by deception", and thus "identity theft" can also mean "using someone's identity to steal".

Re:Fraud != Theft

[DavidTC]

I agree with you, I hate that stupid term.

'Identity theft' is doublespeak. If someone pretends to be a police officer, they aren't committing 'police officer theft'. They're impersonating a police officer. If someone sells counterfeit Levis, they aren't commiting Levi-label theft.

Identity theft is really 'Some company was too stupid and trusting and now you have to clean up the mess.'. The 'thief' didn't steal a damn thing from the 'victim', the thief stole something from the company, and they turned around and victimized someone else.

Re:Fraud != Theft

Mod parent up.

Agreed. "Identity Theft" is the only 'theft' I know of where the owner always get's the 'stolen' item back (or, actually, never really 'lost' it in the first place).

It should clearly be called "Identity Fraud" (or just plain Fraud, but who am I to deny the buzzword industry a paycheck?)

Re:Fraud != Theft

[LaCosaNostradamus]

If someone impersonates me, he's not taking away my identity, he's committing fraud.

But the mass media is very, very vested in this New Economy thing -- literally, technocrats of the first order -- and really, really want to get people to transform their lives into the most Teflon-coated fiscal state possible (the velocity of money always being of interest to the banking and merchant classes). The phrase "identity theft" does not hinge on the word "theft" ... it hinges on "identity", and that's what people want to focus your attention on. If they can get you to agree it's IDENTITY theft, and not identity THEFT, then they have obtained your cooperation in continuing the conversion of a citizen into a consumer.

Remember the "inheritance tax"? The mass media has managed to transform that into the "death tax". The word change fools people into thinking the mean, big, bad ol' government is a tax and fee confiscator of the highest order (*), and literally taxes people simply for dying. The inheritance tax doesn't work that way since it has a huge exclusion ($650K by 1999) that makes it apply to a small fraction of newly dead Americans (at most 2% this year) that themselves haven't taken full advantage of things like family trusts. Yet this tiny minority tax was demonized and the public wording of it changed to reflect it.

Getting back to identity theft ... if we would decrease the concept of money velocity with respect to business transactions, then identity theft, fraud or whatever would decrease remarkably. I in fact don't actually believe in identify theft or fraud. The twits who will actually trust a voice over a phone speaking a 12-digit number, are the ones I firmly blame. If businesses want to indulge in higher velocity of transactions, then they are entirely to blame for the expansive fraud possibilities that result. A business who uses a fraud-prone transaction system should eat the losses incurred thereby.

* As a matter of fact, with a middle class person being hit for at least 40% of his income due to income tax, gas tax, sales tax, property tax, and other such fees, I'd have to say that it IS a confiscator of the highest order.

Re:Fraud != Theft

[shyster]

It's called identity theft so that the credit card companies can convince the public that it's their problem. In reality, it's just plain old theft from the credit card companies. And it's the credit card companies problem, and the lax security standards they practice that allow it to take place.

Quite honestly, I have little sympathy for a credit card company who mails out pre-approved credit card offers requiring only a few boxes worth of information and a signature (which isn't even verified) to accept. When these are stolen, the person who's application was forged is stuck cleaning up the mess. I think they should sue the credit card company for time and damages. Of course, the CC providers won't stop because they make so much money doing pre-approved offers. Well, they should consider this theft part of their business model then and stop making consumers worry about it.

Re:Fraud != Theft

Now that you've gotten COMPLETELY off topic, I'd like to correct your class warfare assumption. A $650,000 exemption to the most unfair tax in history is not as big as it sounds. If you own a business of any size or a family farm, you get screwed big. If you're a billionare or multi-millionare, the tax doesn't affect you since you had your tax attorneys set up a trust and shelter everything. Do you honestly think Bill Gates will be giving 55% of his estate to the government if he dies anytime soon? This tax affects the middle class, no matter how you look at it. As for the rest of your rant, it's completely off topic and just a bunch of paranoid socialist rambling so I won't even bother commenting on it.

Re:Fraud != Theft

[gcaseye6677]

I have never been able to figure out what the problem is with "pre approved" credit card offers. All they are is an application for a credit card. Every one of them that I have seen, and I get one almost every day, requires a SSN, birth date, mother's maiden name, income, employer. If you have all of this information about a person, you can just go to the credit card company's website and fill out an application for the same card. The pre approved offers are just applications sent out to people whose data has been mined from credit reports as desirable prospects based on whatever criteria they use. If I'm wrong, please correct me, but the way I see it nobody can use a pre approved app to get a card in your name if they couldn't have done it without the app.

Re:Fraud != Theft

[slashdot_punk]

You can steal intellectual property if it is information that could not be reinvented, guessed, or regenerated by a seperate party.

For example: company A generates performance statistics yearly for each employee for 20 years of operation. Each year's worth of data is unique and unreproduceable, obviously because no day is the same, no employee is the same, and the employee roster changes monthly.

If competing company B gains the information through illegal means, it has stolen the information because it would have had absolutely no way to independently generate this particular data set on its own.

Sure my example may be a little contrived, but the concept still holds.

Re:Fraud != Theft

[LaCosaNostradamus]

The case for the inheritance tax is being undermined by the middle class being fooled into thinking they'll be stockholding millionaires by the time they retire. Surveys are very revealing on this point: people in general are of the opinion that the tax MUST apply to them (false) or WILL apply to them (ha haa, right, there's no way the middle class will blossom into millionaires).

The 1999 $650K exemption is EXACTLY as big as it sounds. It allows over 98% of individuals (and that's just this year's projections; it's commonly 99%) to escape it. The average working man will never be affected by it.

But keep up the anti-Socialist ranting yourself. You'll have nothing to stand on when the vast swarms of fools suddenly realize that they will NOT die rich from all their bombed-out stocks, that their houses are at least 70% overpriced, and that the "death tax" is just another scam pulled by the rich to duck yet another of their diminishing obligations to a dying American society.

The inheritance tax is a tax on wealth, and since it hits 1-2% of the population, that makes it entirely fair. There's nothing wrong with taxing wealth, if we tax nearly everything else (and we do). Somebody's gonna get caught in gears of any tax! Yes, some people have to sell the family business to afford to pay the tax, but America had a long period of stability with the rich being taxed like that, and it commanded the world's finest education system, road system etc. during that period.

Re:Fraud != Theft

[shyster]

You're right...you could get the card online with that information. That's the problem. It's trivially easy to have access to someone's SSN and birthdate. I don't think they check mother's maiden name - it's just a question they can parrot back to you later.

The advantage of a pre-approved card is that (a) you know the victim is pre-approved, therefore likely to be given the credit. (b) You have the person's address, so you can watch for the actual card (which you have to activate, usually with the ZIP code...how dumb is that?). (c) There's no follow up, so the victim never knows a card was taken in his name.

Then, to top it off, the CC companies spend millions of dollars convincing Joe Consumer that showing ID is too much of a hassle (see the Visa check writing television ads). With just a signature on the back of the card, you're all set to go. If you want to order online, all you have to do is know the billing address of the card.

Bottom line is the security model of the CC industry is incredibly weak. Of course, they still manage to make millions of dollars - but then try to convince consumers that it's their fault that people are pulling off fraudulent CC transactions. How would people react to a me literally giving out money to someone who says they're you based on a SSN and birthdate? And then coming to you for payment? Why is that only the CC industry has this problem, and banks don't, payday loan operators don't, cash for title shops don't, Rent-to-Own stores don't, etc.?

Re:Fraud != Theft

[MickLinux]

No, you're right that fraud is not theft, but wrong on another account.

When the criminal's fraud is exposed, and the banks hold you accountable for his crime and the banks' weaknesses, and bill you for the criminal's purchases, ... that is theft.

Good Idea

[alarocca]

I love these articles that outline great ways to break the law. Like the one a while back about how to open a kryptonite U-Lock with a pen. It used to be hard to come up with great criminal schemes...now you just have to watch the news.

Re:Good Idea

[Rev.+DeFiLEZ]

Security through obscurity never works. The only thing putting on the news does is create outrage until the problem is fixed. "criminals" (and kryptonite) knew about the u-lock bic pen weakness for _years_ (2-3) now that it is on the news, kryptonite is replacing the defective ones.

now maybe the banks will ask the client for their goverment papers that proves they registered the bussiness.

Re:Good Idea

You sound like the people who advocate War on Drugs instead of information and education. Information is *never* a bad thing.

Erlang Smorgreff

Re:Good Idea

Very true... When I was in Junior High, I was watching TV, happened to flip by Oprah... It caught my eye and I watched cause they were explaining, by showing examples, of how theives break into homes. The trick I remember was simply taking screw drivers to pop sliding glass doors off their tracks. We had a one of those doors and I used to break into my own house on a regular basis when I forgot my keys. (an attached tool shed was always unlocked, and provided no access to the house which is where I got the tools)

Pretty simple trick, but it had never occured to me, and probably never would've if Oprah hadn't been not only nice enough to tell me about the trick, but to also show me how to do it as well.

Re:Good Idea

It used to be hard to come up with great criminal schemes...now you just have to watch the news.

Or just pay attention to politics...

Re:Good Idea

[peragrin]

You aren't smart enough to figure that out on your own? I routinely broke into my parents house when I forgot my keys.

I would get home realize my mistake, walk down the street to my brother's babysitter's house, borrow her phone, call my mother, ask to borrow a few tools, open a door(I am not saying which), walk through the house get my keys, put the dog on her leash and walk the dog and return what I borrowed.

Did that a couple dozen times through out high school. Also note that I never left a trace of how I did it. One door was just easy to open.

I didn't need anybody to tell me how, I was smart enough to figure it out myself. Also note opening windows from the outside was nearly impossible as they were casement windows. Damn gearing.

Re:Good Idea

Repeat after me: /. != "news" (even if the word "news" does exist in their byline).

Re:Good Idea

[tsstahl]

now maybe the banks will ask the client for their goverment papers that proves they registered the bussiness.

Every business bank account I've ever opened needed to see my state tax registration paper.

Re:Good Idea

[LaCosaNostradamus]

After Oprah had taken her precious time to explain to you how your home was insecure, did you then install a lock or guard mechanism on your own sliding doors, which defeated the exploit? Why else did Oprah reveal it? As I'm sure you know, when you buy a door at Home Depot, it doesn't come with a placard that outlines how people can easily defeat the lock.

Re:Good Idea

If security through obscurity never works, then why do all you slashdot bitches keep saying OS X is secure only because it's obscure.

Re:Good Idea

I am thinking of a number.... Wrong!!!

Re:Good Idea

[chickygrrl]

It wasn't a matter of forgetting my keys so much as just losing them. Through middle and high school, if my father wasn't home when I got there, I'd borrow a fork from a neighbor and pop the lock to my front door like you'd do with a credit card. And once when I was in a rush and locked my keys in the house, I used a chisel to unscrew the hinges on the door leading into the basement to get in.

Re:As long as...

[hype7]

on the subject of questionable ethics, does anyone else wonder about the guy who said "One did concede, however, that the scheme has real potential"? Potential? Potential? Maybe "potential for abuse" would be ok, but the way that's phrased at the moment... I can see the cogs turning over in this guys head for companies to target!

-- james

MP

And so - the Crimson Permanent Assurance was launched upon the high seas of international finance!

Re:MP

[fizban]

[singing]
It's fun to charter an accountant
And sail the wide accountancy,
To find, explore the funds offshore
And skirt the shoals of bankruptcy!

It can be manly in insurance.
We'll up your premium semi-annually.
It's all tax deductible.
We're fairly incorruptible,
We're sailing on the wide accountancy!

Hmmmm...

For some reason this just does not generate the sympathy in my heart that stories of personal identity theft does... I wonder why?

Re:Hmmmm...

[Phleg]

It should. Who do you think loses out when the company has several million dollars stolen through identity fraud? The C-level executives?

Re:Hmmmm...

[DavidTC]

Who do you think gains out when a company has several million dollars that aren't stolen?

Re:Hmmmm...

"For some reason this just does not generate the sympathy in my heart that stories of personal identity theft does... I wonder why?"

Because you're a fucking socialist!

Maybe you don't care about eating at anyplace other than MacGov but some of prefer to buy our armidillo at the market and have it cooked at our favorite Cambodian restaurant.

well documented type of theft , just not reported

[Anonymous+Chemist]

check out the link http://www.iwks.com/features/default.asp?pagetypei d=2&articleid=31496&subsectionid=655 this type of theft is well known; just not as reported as personal id theft. From other stories is seems the average is 30,000 or more per theft. Seems that perhaps the victum in this story came out lucky. However since you have to provide ID and would get captured on camera setting up a checking account, keeping your real ID does seem to be a challenge.

Theft via deception = Theft

[squiggleslash]

We're talking about a crime, as I understand it, that involves taking property from others by pretending to be someone you aren't. We don't talk about "Lock theft" (as in you pick a lock, get in, take what you want, and run out), but if it was unique enough for people to want to deal with it in special ways, I'm sure we would.

I'd say it's legitimate to call Identity Theft "theft" under the circumstances, whatever your opinions are on the "proper" wording for piracy.

Re:Theft via deception = Theft

"Lock theft" would be stealing the lock.

Re:Theft via deception = Theft

[(void*)]

But deception is also fraud. The grandparent poster is NOT WRONG, and has a point. The point being that
even if the theft did not go through, one can still
prosecute it as fraud. Thus the credit card companies who repay the merchant but don't persecute
the fraudsters even with a lot of evidence are PART OF THE PROBLEM.

Re:Theft via deception = Theft

The grandparent's comment was that this is not theft. So yes, he was wrong.

Yes, he's right in saying it's fraud, as are you. But your comment is more accurate "it's also fraud".

Saying no theft is involved in identity theft because it's actually fraud is like saying the US isn't a democracy because it's a constitutional republic.

Re:Theft via deception = Theft

[Nept]

Thus the credit card companies who repay the merchant but don't persecute
the fraudsters even with a lot of evidence are PART OF THE PROBLEM

Yes, the credit card companies have it nailed down to the last dollar - Will it cost more to
a) Prosecute the fraudsters
b) Repay the merchant
They choose B in most cases. There's a high cost of litigation in this country.

Same with car insurance. I was sued in an obviously bogus manner once, AAA even admitted when I called them that the lawsuit was a total fraud. Yet, they paid the $15,000 (and raised my insurance a couple hundred a year) because it would have cost them too much to take the case to court.

This is a smart business decision for credit card and insurance companies in the short term, but not in the long run.

Re:Theft via deception = Theft

[shreak]

>We don't talk about "Lock theft"
>(as in you pick a lock, get in,
>take what you want, and run out)

It's called "Breaking and entering" and it's a seperate crime from theft. You get charged with B&E even if you didn't take anything or just "looked around". Even if you didn't "break" anything to get in.

If you steal stuff, you're charged with that too.

The law is pretty specific about these kinds of things. Fraud is fraud, theft is theft. They are not the same thing.

=Shreak

Re:Theft via deception = Theft

[squiggleslash]

It's called "Breaking and entering" and it's a seperate crime from theft. You get charged with B&E even if you didn't take anything or just "looked around". Even if you didn't "break" anything to get in.

That's not "you pick a lock, get in, take what you want, and run out" then, is it?

In this case, as with identity theft, we're talking about a case where theft is happening. The OP believes that it isn't theft if the stolen items were obtained through fraud, more to the point he specifically claims that no goods are even taken through this system!

Repeat after me... intangible and intellectual "property" cannot be "stolen." It can only be used in unauthorized ways.

Identity theft is not merely fraud. We don't generally use the term to describe someone immitating another individual merely to slander them or otherwise piss them off. We use it for the very specific set of circumstances where the identity of a third victim is used to obtain goods and monies from an unwary victim.

Identity theft is theft. You may not "stealing" someone's identity, but you are stealing. How else do you describe deliberately illegally obtaining stuff that doesn't belong to you?

Re:Theft via deception = Theft

[FreeUser]

The grandparent's comment was that this is not theft. So yes, he was wrong.

Yes, he's right in saying it's fraud, as are you. But your comment is more accurate "it's also fraud".

You are both correct on semantic technicalities, however, the (great-great?) grandparent post is correct in its overall argument that the implied meaning of "Identity Theft" isn't "theft through fraudulant assumption of someone else's identity" but rather "Theft of someone's identity", which is a nonsensical notion that results in muddy thinking at best. No one's identity is being "stolen" (I don't lose my identity if someone engages in fraudulant activity pretending to be me, I lose my good credit rating and a great deal of time, but nevertheless, that isn't 'theft' of my identity, it is fraudulantly assuming my identity. There is a real difference, and our use of language should reflect that fact.).

Indeed, people refer to "Identity Theft" even when nothing of value has been stolen (yet) ... examples include fraudsters who are caught with credit cards in people's names they haven't yet used to commit theft with. So the term is being used in a manner consistent with the implied meaning of "theft of identity" and not the one implied in the semantic games that have followed meaning "theft by means of identity."

Fraud and theft are indeed both occuring, but "Identity Theft" (theft of identity) is not. The great-great grandparent post is correct ... the term is a crappy one, as muddled and incoherent as the term "intellectual property," and anyone wishing to think and communicate clearly ought to consider avoiding it.

Re:Theft via deception = Theft

[shreak]

> The OP believes that it isn't theft if the
> stolen items were obtained through fraud

No the OP believes that the term "Identity Theft" implies that the identity was stolen. Just as your "Lock Theft" implies that the lock was stolen.

There is a crime here, it's theft of property (the merchandise that was stolen from the store). The mechanism used to steal the stuff was fraudulent use of someone's credentials (identity). This mechanism already has a term (fraud) and it's already a crime to perpetrate it.

The OP is complaining because everyone keeps using the term "identity theft" for which there is no crime on the books.

No doubt some official somewhere will get lathered up and make a law about "identity theft" when there is a perfectly good one available.

=Shreak

Re:Theft via deception = Theft

[korbin_dallas]

Correct.

Sprints' answer to try and clear up a deception in my wifes name was to send her a document to sign.

The document merely transferred the fraudulent account to our REAL address.

The companies ARE part of the problem, and I am glad the fraudsters are attacking them directly.

Re:Theft via deception = Theft

>The companies ARE part of the problem, and I am glad the fraudsters are attacking them directly.
Um, do you know that there are different companies, and that some are victims of "identity theft" and some are not? TFA referred to small companies that DON'T accept credit cards as the victims here, not giant companies like Sprint.

Re:As long as...

[ArsenneLupin]

They nail the AT&T's and Microsofts, and not the smalltown businesses owned by ma and pa (are there any left?), I don't have a problem with it at all. Go crooks go!

Problem is, they do target ma and pa businesses. Indeed, apparently their scheme only works if the victim does not yet have a merchant account on his own (or else the fraudulent account would be easily flagged as duplicate...). Thus the perfect victim is a company too small to be accepting credit cards. Sorry, Microsoft will unfortunately never be the target of these gentlemen;-(

Note: IRS has a new address

[perdu]

Dear Taxpayer, Your local IRS office address has changed. Please mail all taxes in the future to: Internal Revenue Service Box 1776 The Cayman Islands

Re:Note: IRS has a new address

[BeannieBrewer]

hey that was my scheme... er idea.

Re:Note: IRS has a new address

[TykeClone]

That's why you should make out your checks to the "United States Treasury" instead of the "IRS".

This has actually been done before, and anyone can open an account for, as an example, "IsoRectal Spectroscopy" dba "IRS" and cash stolen tax checks.

Re:Note: IRS has a new address

[perdu]

This has actually been done before, and anyone can open an account for, as an example, "IsoRectal Spectroscopy" dba "IRS" and cash stolen tax checks.

Interesting -- I opened a bank account recently for a non profit and had to get a taxpayer id from the IRS first. So maybe they watch out for this sort of thing...

Re:Note: IRS has a new address

[TykeClone]

That's because it was for a non-profit. Open a sole proprietorship for yourself, and open an account as John Doe, dba IsoRectal Spectroscopy. If you can get your hands on some checks meant for taxes, but written to "IRS" - you can deposit them (IRS would make sense as a abbreviated name for your dba). Once caught, you'd probably be in trouble, but it can be done.

Note to our "friendly government lurkers" - I do not advocate, recommend, or in any other way think that this is a good idea. I prepare taxes during the spring and always recommend that any checks are made out to the United States Treasury. I heard about this kind of a scam when learning about tax preparation.

Re:Note: IRS has a new address

[crawling_chaos]

Once caught, you'd probably be in trouble, but it can be done.

Impersonating the IRS and frauduently cashing tax checks? Yeah, that will probably get you in trouble. If you consider the almost certain 20 year sentence in FPMITA prison to be "trouble."

Re:Note: IRS has a new address

[TykeClone]

I do consider that trouble - see my disclaimer :)

Re:Note: IRS has a new address

[Trailer+Trash]

Another way to cash IRS checks that I've heard is to "fix" the "I" into an "M" with 3 more lines and then write a woman's name after it. "United States Treasury" is a much safer bet.

Re:Note: IRS has a new address

[mdfst13]

"to the United States Treasury"

Couldn't you make the check out to "Internal Revenue Service" as well? Wouldn't that have the same effect?

Re:Note: IRS has a new address

[TykeClone]

Yes. Just don't write it to the "IRS". I think that "United States Treasury" is preferred and that is what the instructions for the tax forms call for.

Re:Note: IRS has a new address

I remember a case of this occuring in payment processing for US West (telcom bought by Qwest), people who mailed payment to "US West" instead of "US West Communications" or something like that. Some guy changed his name so his first initials were U and S with last name West, and was cashing peoples bill payments. So this has been done before and people should take care not to attempt shortcuts out of laziness (yeah right)...

Re:Note: IRS has a new address

[MickLinux]

Ummm.... couldn't someone do the same with the "United States Treasury Fund" dba UST? That said, trying to rob the government of money that they have legitimately stolen is an effective way to get dead, fast.

Of all the stupidities of criminal behavior, targeting a host that is huge, and able and happy to swat you, seems to me to be near the top.

Re:As long as...

[NoMoreNicksLeft]

Oh well. Figures.

Stolen?

[TrollBridge]

How exactly is one's identity stolen?

I was unaware that my identity was a physical object that could be carried away by burglars. Would a victim of "identity theft" no longer exist? Or would they become an identity-less zombie?

THIS IS NOT THEFT!!! Theft involves the physical taking of something!! Why do people insist on using inaccurate and inflammatory terms like theft when refering to the LIBERATION OF DATA!! INFORMATION WANTS TO BE FREE!!!!

Re:Stolen?

[Saeed+al-Sahaf]

THIS IS NOT THEFT!!! Theft involves the physical taking of something!!

Like credit cards with SOMEONE ELSES name on them? Like SOMEONE ELSES money or "physical" merchandise? Theft is when you steal something of value. Websters gives examples of both tangible and intagible theft.

Besides, what's your point? Just trying to be argumentative, or perhaps justify something darker?

Re:Stolen?

[CharlieHedlin]

Ok, they borrow your identity, trash it and return it. If they did that to your car, they would have stolen it.

I know trying to clarify the definition of theft is usefull when trying to argue you aren't stealing songs when you infringe a copyright, but this is another matter. In that case there is physical data being copied, and many copies can be made.

Identity is an even more abstract term. There is one of you, and therefore should be one identity. It is definately diluted when someone else uses it, so it is theft.

Re:Stolen?

[pjt33]

INFORMATION WANTS TO BE FREE!!!!

So I'm sure you won't mind posting your credit card number, bank account numbers, and any associated PINs / passwords. Oh, and your full name and address, while you're at it.

Re:Stolen?

[TrollBridge]

If someone's credit card was physically pilfered, you might have an argument. However I can't imagine that piece of plastic is worth very much; my bank will simply send me a new one at no charge. And this isn't about money either; this so-called "identity theft" never involves the physical theft of cash. Even if these "thieves" gain unauthorized access to someone's bank account, and make a balance transfer to another account, there still has been no loss of physical property. No theft has occurred. If somebody behind me copies the number down on a piece of paper, I still have my card. No theft has occurred.

Re:Stolen?

[SydShamino]

Actually, all you need is social security number and date of birth. That's all they needed to open two cell phone accounts in my wife's name and rack up a few thousand dollars in charges, and cost us time and patience to get them cleared.*

Sadly, thanks to the failed "your social security number won't be used anywhere except to pay taxes" promise, most of us would find our social stamped across old school records, with our date of birth listed right below. Heck, going through some old boxes of tax records I found that BankOne used to print the account holder's social at the top of every statement. Sheesh.

* And it still affects us. Even though the charges are gone, we recently decided to switch cell phone carriers to one of those that had had a fraudulent account. It took my wife an extra half hour with their fraud department before they would unflag her name and let her open a legitimate account with them.

Re:Stolen?

Poster's point was probably to make fun of everyone on here who says that copying music isn't "stealing."

Re:Stolen?

[ianturton]

Ok, they borrow your identity, trash it and return it. If they did that to your car, they would have stolen it.

Not in the UK they haven't, its called "taking without the owners consent (TWOC)" to specifically show the difference between stealing a car (permenantly depriving the owner of it) and "borrowing" it.

Ian

Re:Stolen?

[duncanbojangles]

You say that like its a joke, but I've seen it happen. For some stupid college club presidential election, each nominee had to make out a certain form. Well, someone went so far as to put her full name, address, and social security number. Thank god we caught it before we put the flyer up. Needless to say, she didn't win.

Re:Stolen?

[pjt33]

Ah - cultural differences. Over here in Britain your National Insurance number is only used by the Inland Revenue - although when I last moved house I was warned to get mail redirected to prevent identity fraudsters sending back the junk credit card application forms I get, for which name and address seems to suffice.

Re:Stolen?

I think he wants this to be called "piracy".

How to article

[raider_red]

Does anyone else have a problem with the level of detail in the article? They not only report on the scam, but tell exactly how it was carried off. They've even provided the names of the merchant transaction companies which can be suckered.

Re:How to article

[surprise_audit]

Does that really matter?? Those merchant transaction companies have jus been burned - hopefully they'll learn from the experience and do due diligence in making sure that the companies opening accounts are legitimate. Shouldn't be too hard. If the new account is in the same town, just try to find the address. If they're elsewhere, pick a random Private Investigator out of the phone book to do the same. Gotta be worth a couple of hundred to get a PI to swing by the address and see if it really exists.

Even just using one of those "guaranteed delivery" letters from USPS, FedEx or UPS would show if the address was bogus.

Then, of course, the scammers would start renting actual offices...

Re:How to article

[Zak3056]

They not only report on the scam, but tell exactly how it was carried off. They've even provided the names of the merchant transaction companies which can be suckered.

To me that says one thing: honeypot.

Re:How to article

[raider_red]

Or they could just get a box at the UPS store, or talk some nice sucker into receiving packages for them at home. There are a number of ways to set up a fake physical address.

Re:How to article

[surprise_audit]

Then the PI would discover that the mailing address for the big, flashy, tens/hundreds of employees, multi-thousand dollar company portrayed on the website is actually just a slot at Mailboxes Etc, or a one bedroom apartment in the seedier side of town. Yes, even then it would still be possible to set up a legitimate-looking address, but if the merchant transaction companies would just do a bit of legwork, they could make it much less profitable for the scammers.

Re:How to article

[gregmac]

Does that really matter?? Those merchant transaction companies have jus been burned - hopefully they'll learn from the experience and do due diligence in making sure that the companies opening accounts are legitimate.

I was involved with a company that just did this. I had setup a website for a university to do online registrations for the frosh week packages. After dealing with all the red tape you deal with at a university, they finally got their merchant stuff setup in mid August, and we put the system live. Within two weeks, about 800 people registered (since frosh week starts in September), which at $75 a pop comes out to $60k. They told me that a couple people had actually dropped by from the payment processor, just to be sure it was legit. It was nice to see that happen.

The company, btw, was Paradata, and as a developer I'd recommend them to people. Nice API.. the only thing that's a bit lacking is their interface to look at your account, but it's still usable.

Bring on those people who roll their eyes

[Featureless]

...every time some "paranoid" person starts talking about security. You know who I'm talking about.

They're everywhere. Nobody thinks worrying about security is cool or fun, it seems like a waste of money, a sign of mental instability, even a kind of obsessive behavior.

Everyone much prefers to be surprised and wave their hands when things go wrong. "It's out of control. You can't stop hackers/criminals/etc."

People have a terrible problem understanding scale. Nobody understood at Microsoft that the computer wasn't a little house in the country where you could leave the doors unlocked so occupants wouldn't have to fumble with the keys. When engineers there raised the problems they were scoffed at, disciplined. "Keep your priorities straight. Don't be paranoid." Nobody got it when the first spam was sent and we were all outraged... "What's wrong with a little spam?" How about what's wrong with 300 spam a day? It's just the "logical conclusion" - which is not logical anymore to people who don't like to be bothered thinking deeply about their responsibilities.

The many systems our financial institutions use for identifying and tracking "consumers" are ridiculously insecure. And although the victims wail and now are allowed a few minutes a month to tell their horrible tails on 60 minutes, we as a whole seem determined to close our eyes and race grinning into the brick wall of scale again. How many hundreds of thousands of people have to have their lives ruined before colleges stop making everyone spout their social security number like it's their first name, and the mother's maiden name loses its appeal? How long before companies stop letting $5 an hour employees handle "meaningless" data (with literally no background checks or security controls) that is worth millions when properly exploited?

This is a cultural change we need to kick off. We need to take security seriously. It needs to become uncool to roll your eyes and mock the security expert.

Re:Bring on those people who roll their eyes

Everyone much prefers to be surprised and wave their hands when things go wrong. "It's out of control. You can't stop hackers/criminals/etc."

People have a terrible problem understanding scale.

It's not a case of not understanding. It's that resolving the issues, or even talking about them, takes effort. And 99% of the time it will be wasted effort. So they think "it won't happen to me", and stick their head in the sand. And most people are rewarded for this behaviour, because most people aren't caught out.

That's why I hope that one of these days, a widespread worm will actually do some real damage instead of just acting like a spam relay or something. Email goatse to everybody in the addressbook type of damage. Something embarrassing, something people will pay attention to, but ultimately harmless. That will act as an innoculation against the real dangers (credit card fraud, identity theft, etc).

Re:Bring on those people who roll their eyes

[infinite9]

How long before companies stop letting $5 an hour employees handle "meaningless" data (with literally no background checks or security controls) that is worth millions when properly exploited?


It's worse than this. Someone walked into a bank in minnesota and tried to get a business loan for $18,000 using my information. Luckily, he was turned down on a technicality. I found out when I received the rejection letter almost the day I moved into my new house. He had applied for the loan using my address before I even closed on my house! I can name the person who did it to me... he was my mortgage broker. He quit. My file was "missing". Of course, the bank was no help, or was the company he worked for, so it was impossible to prove. He tried maybe a dozen times after that. He was unsuccessful every time. I'm not sure if it was luck, diligence on our part, or ineptitude on his. I suspect the latter.

Sooner or later, the financial system in the US will collapse. The culture of credit is a bubble that is, IMO, bigger and scaryier than the dot com fiasco ever was.

Re:Bring on those people who roll their eyes

[wikdwarlock]

The point about colleges and SSN's is very good. At some schools, whenever you call the registrar, financial aid, bursar, etc, the help desk person asks for your student ID, which is, of course, your SSN. The help desk person is invariably a work study student who's having a difficult time buying ramen noodles and beer every week. It's not that hard to write down every 5th SSN, take some time online, and make $$$. You can opt out of the program and use another number for your student ID, but how many students even know they should be concerned?

Re:Bring on those people who roll their eyes

[JimBobJoe]

How long before companies stop letting $5 an hour employees handle "meaningless" data (with literally no background checks or security controls) that is worth millions when properly exploited?

Or, alternatively, when will companies stop pretending that they can be trusted simply because of employee credit card verification checks, background checks and a piss test?

I like to look at it this way, here in Ohio (as in most states) you need to go through the most awewsome background check ever in order to take the state bar. Full multi level 10 finger fingerprint check (local, state, national) credit check, employer verification check for all jobs worked since you were 16, the list goes on and on and it may even go into your mental health history (one of the few jobs you hear of that occuring.)

In spite of all of this, the industry as a whole can be summarized as a convention of pricks.

There are limits to background checks.

Re:Bring on those people who roll their eyes

[Software]

Dude, you need to get a fraud alert on your credit report today. Call Experian and the other two agencies and explain what happened. Ask them for a fraud alert (I think that's the name, but I'm not sure) to be put on your report, so that any requests for credit will require verification. That is, the prospective lender will call you before they issue credit. I'm not sure if they're legally required to call you or if it's simply in their best interest. If you want this guy caught, then leave an outgoing message on your answering machine like this:

Hi, you've reached $number. To leave a message, press #. If you're calling to verify my number for an application for credit, please note that I have asked for a fraud alert on my credit report because somebody has been using my name to apply for loans. I am 5 feet 9 inches tall with straight brown hair, a goatee, brown eyes, a silver wedding band on my left hand, and wire-frame glasses. If the person who is applying for credit does not meet this description, please call the police immediately.

Of course, this makes it a pain to apply for instant credit (for, say, a Sears card), but it's worth it. One more thing: make sure that changes to your contact information in your credit report must be done in writing.

Re:Bring on those people who roll their eyes

[infinite9]

Actually, we tried to have fraud alerts placed in all three credit reporting agencies. The problem is that credit reporting agencies are just as bad (if not worse) than the credit card companies themselves. Since the credit card companies are their customers, and not the people they're gathering information on, they won't actually talk to you. To get a fraud alert, you have to send them a request, in writing. One of the agencies did this immediately. Another did so after a lot of harrassment. The third never did put it on. This was after following all the correct procedures. Once the fraud alerts were on, we ran into them exactly one time while applying for instant credit. In this case, it was a home depot card. The people at the store put me on the phone with their credit department. The woman asked, "Do you know why I'm talking to you?" I mentioned the fraud alert and that was it. Here's your card. No other proof was required. I bought a car without a word from the bank who wrote the loan. Fraud alerts are a joke.

If someone gets your information, you're hosed. There's only one thing you can do. It was modded +5 funny, but another post hit the nail on the head. Burn your credit rating.

Re:Bring on those people who roll their eyes

Uncool to mock a security expert?

Damn, my wife so needs to read this schnizzle.

Course, I must admit, keeping the upstairs blinds closed due to the increase in helicopter sightings might be abit overboard.

Re:Bring on those people who roll their eyes

[forkboy]

You could always find your mortgage broker and piss-pound him into giving back your file.

You're luckier than most people, you actually know the identity of the person who took yours.

Re:Bring on those people who roll their eyes

[mOdQuArK!]

Full multi level 10 finger fingerprint check

I assume that if you're short a few fingers, then you're out of luck :P

Re:Bring on those people who roll their eyes

[SomeGuyFromCA]

no, then instead of your fingerprint, they just write in '404'.

faked businesses?

We see this all the time as a MSP. Easy way to combat this sort of fraud: Get pictures of the physical business location's signage and inventory as part of the signup process in addition to all the other usual business documents.

FBI Not Interested?

Never mistake silence for disinterest (or assent, for that matter).

The FBI could be very interested in the Pakistan and Russian connections. However they are very unlikely to be discussing details of the case with regular civilians.

Or they could be disinterested.

mostly insider theft

[presmike]

Identity theft was covered at this years blackhat in vegas and it was stated the the vast majority of indentity theft is corporate insiders stealing the info and selling it on the web. Hackers/crackers only account for a small about of the current identity theft.

Re:mostly insider theft

[presmike]

I have the audio of the talk, i need to listen to it again and see if they mention a specific studies. here is a outline of the talk and more information on it:

In the past twelve months, the House has held two Congressional testimonies on the issue of protecting customer data. Witnesses from these hearings will present updated testimonies to a committee of security experts at the Black Hat Briefings. These updates will also include an analysis of action since the Hearings. The session will be structured like the Congressional Hearings with the addition of audience preparation and participation. The audience will have an opportunity to question and comment during the live forum. Original testimonies are available at http://energycommerce.house.gov/108/Hearings/11192 003hearing1133/Ansanelli1797.htm and http://energycommerce.house.gov/108/Hearings/11192 003hearing1133/Davidson1796.htm

banks

[095]

Setting up a website is easy. Maybe it's easy to convince a merchant processing provider to open an account, but surely you need very good ID to open a bank account? They have laws on money laundering and other stuff like that.

Re:As long as... Theft were OK

[NoMoreNicksLeft]

I have karma to burn. Only one of them was +1...

And if you want to know if I condone theft, then yes, against large corporations that have stolen my rights, government, and country from me... I don't mind seeing them get stolen from. It's about the closest thing to justice possible.

It hasn't been a week, where Balmer all but admitted that they were going to leverage their monopoly power of computer operating systems to destroy Apple and its iPod. He appears convinced Microsoft will lead the way in Digital Rights Management and also believes Microsoft will steal a march on Apple in making the digital home a reality because Apple "doesn't have the volumes". "There is no way that you can get there with Apple. The critical mass has to come from the PC, or a next-generation video device," he said."

But go on, tell me that we can fix this the right way, I don't believe you.

Damn right the problem is built-in to the system

[wowbagger]

You are damn right the problem is built-in to the system.

The scum create an account, and charge a bunch of crap to it from stolen cards. They then extract the money and run.

The people bilked bitch to the credit card companies.

The card companies attempt to reverse the charges.

The poor business who was impersonated gets stuck with the bill. At best, the company can establish its innocence, and the CC company writes the cost off its taxes.

If the *credit card companies* were the ones who had to suffer the costs of fraud, rather than shifting it to the companies or to the taxpayer, then they would be a HELL of a lot more motivated to add stronger authentication to the system.

As it stands now, if somebody is committing massive credit card fraud in the form of lots of small charges, and you try to bring this to the card company's attention, they blow you off because it just isn't worth their time - it is easier to just charge back to the merchants. A friend of mine who works in the order-processing chain for a large company ran into just that - he detected a fraud ring attempting to rack up a lot of charges, he called the card company and said "I'll give these guys to you with a ribbon tied around them - addresses, names, the works." "Not interested - bu-bye!"

Not Credit cards

[nurb432]

But they do accept souls..

why bother stealing a companies identity

[InfoHighwayRoadkill]

Why cant you just go and legitimately buy a whole series of off the shelf companies?

Then you get a totally legit and above board merchant account to run your stolen cards through.

Here in the uk you can see ads for pre-created legitimate shell companies that you can buy cheaply and rename to cut out the hassle and legal niceities of creating a limited company from scratch.

Re:why bother stealing a companies identity

[KatieL]

Actually, even if you rush off and buy an off the shelf company and a rename (for a hundred quid say). You still can't open a business account.

*I* own such a company, I use it, it trades, it files tax returns.... and the palaver I have to go through to open accounts and things is bonkers.

(Instead I have to turn up with massive piles of other documents.)

Because I don't have a passport. And in Britain, to open a company bank account, all the company officers have to turn up in person and present their passports.

So suddenly, you've got to get a fake passport as well.

And, bear in mind, you also have to somehow change the address of the company at companies house -- otherwise the trick of sending the mail to a duff address doesn't work; given the companies registration number it's trivial to find the registered address.

The only way to stay protected...

[SomeoneGotMyNick]

...appears to be by trashing your own credit. This way your credentials will be rejected for new applications.

Re:The only way to stay protected...

[Artifakt]

1. Start off as a person not using credit.
2. Apply for a moderately difficult to get account, such as a 9.5% preferred visa card, and not a simple card to get (i.e. a 21% Sears card).
3. On the application, list a low income, a job like "writer", and stipulate your income is irregular.
4. You now have been rejected for credit, and this will stay on your credit score for at least 2 years. At this point, the companies that would have issued you a small limit - high interest card won't see the reasons you were rejected, just that you were.
5. If you want to make really sure, repeat steps 2-4 a few times.

If you ever need to reverse this, complete a new application with a (hopefully true) higher listed income from a steadier paying job, voluntarily requesting a smaller line of credit that the maximum they will offer that income bracket.
At the worst, you may have to write a letter to one of the credit review agencies to make sure your record is properly updated, but no one in the more responsible side of the credit industry is going to blacklist you, and the less responsible side of the industry just looks at the highlights of the records Providian and the other review services provide.
This will not stop real fools from sending you letters that say you have been pre-approved for a line of credit based on your home ownership, even though you don't own a home. There are companies that have sent tens of thousands of offers out to minor children, and even one that sent several thousands of credit offers out to a list of people's pets some scammer had sold them after obtaining it from veterinary records.
These companies typically charge high rates and have lots of hidden penalties, have a lot of fraud committed against them, and in return play dirty in trying to collect from most of their clients. They work with collection agencies that will violate state laws whenever they think they can get away with it. They often fall afoul of the law themselves, and actually have a poor return on investment. Nothing short of finally going out of business will stop such fools from being scammed and wasting your time in return if someone commits a fraud agaisnt them using your identity.

Sorry I couldn't leave out step 2 ;-)

Re:The only way to stay protected...

[Surreal_Streaker]

If you contact the reporting agencies (Transunion, Experion etc.) you can ask them to place a fraud alert on your credit record. This discourages companies from providing you or an imposter with credit without a more thourough background check.

Re:The only way to stay protected...

[Maestro4k]

• If you contact the reporting agencies (Transunion, Experion etc.) you can ask them to place a fraud alert on your credit record. This discourages companies from providing you or an imposter with credit without a more thourough background check.

If you read through the earlier posts in the main thread you'll see one (it's been modded up high enough to show readily) from a person who tried to do this. First you have to request it in writing, then only one of the three added it without hassle. A second added it after much argument and harrassment (to the individual) and the third just never bothered, even though he complied with their regulations and requested it properly. After that he's only had the alert kick in one time, he even bought a car without the fraud alert being triggered. It's very much a YMMV situation, but I doubt they'll help much.

Additionally companies refuse to work with you when identity theft comes up. I have a friend who just found out someone's stolen her identity. The companies the crook applied to refuse to work with her to cancel them, even though she can prove she's the real owner of her identity. So right now there are credit cards issued in her name/social security number out there and she can't get the issuing companies to cancel them. So far they apparently haven't been used, so the companies are in effect refusing to stop them from being used fraudulently even though they've been notified that the cards were obtained illegally.

And I can throw in that I'm dealing with getting a fraudulent charge off my checking account made by a BANK. The bank in question decided to run an E-check through my account to make a payment on my Dad's credit card. I'm not on his credit card account, and he's not on my checking account. The E-check's "authorized by" line is smudged, the copy my bank received has the name after that unreadable. The bank who ran it refuses to even investigate the fraudulent charge unless they receive "a copy of the check clearly showing the name of the person who authorized it". Of course what they want doesn't exist, as they didn't provide a copy like that to my bank. So I'm out the money right now while I work on getting charges filed against the bank who did it. It's not exactly easy to do either, the sheriff's department isn't interested, yet I have to get a police report from them (I live in the county, not city). I'm going to have to take part of a day off work to get the report filed as they won't call me back to do one over the phone. I am quite seriously thinking of finding a good lawyer and suing this bank for interest lost and time lost from work plus damages. This simply should have never happened, and the fact that they claim they called my Dad at work and he both authorized the charge plus provided the account and routing numbers makes it worse. He doesn't have that info, and while at the house he could conceivably have hunted down my box of extra checkes to get it, at work he simply couldn't have done what they claim he did. Additionally, as a person at my bank pointed out, even if you accept their version of events, they have admitted to a federal crime, they are responsible for making sure the person actually has the authority to authorize the charge before proceeding with it, something they didn't do. (As for how they got the info, I've written checks for him to send in the past so he can save money by not buying money orders. Apparently someone saved that info in their system, quite possibly also illegal.)

So I'd say the real problems are within the financial industry. There's no real incentive for them to fix the holes, or solve the problems. You can't even get them to stop a crime when you notify them of it, and in some cases (hopefully limited) banks appear to be actively breaking federal laws and gaming the system. (My bank is also a victim, the bank who did this to me made sure that everything the automated systems would need to process the E-check was there, but that what was needed to get it undone (by their rules) wasn't.)

Yes they do..

[Pontiac]

If you don't have a support contract with MS than the only way to talk to them for support is with your credit card.

Interesting

[Saeed+al-Sahaf]

This is interesting because if it's true, shows a huge misconception in the "general public" and indeed in the both general and technical press. Who hasn't read some story or seen some report on TV about "phishing" and those evil "hackers" who sniff your internet conx looking for credit card numbers? And of course the huge story about Googleing for CC and SS numbers and such. I wonder if a study could be done, or more evidence of this relationship between corporate insiders and Identity Theft could be validated?

Re:Interesting

[Fulcrum+of+Evil]

Who hasn't read some story or seen some report on TV about "phishing" and those evil "hackers" who sniff your internet conx looking for credit card numbers?

It's not nearly as lurid to talk about joe schmoe, who got pissed at his boss and sold 100,000 customer records to some guy in detroit. Security breaches have always been about 80% inside jobs.

Re:Interesting

Sort of like how the press and parents focus on stories of strangers molesting kids when most of the time it is someone they know, epecially a family member.

Re:Damn right the problem is built-in to the syste

[CharlieHedlin]

You seem to think writing it off their taxes means the get to pass the full burden to the tax payers.

In this case, we are talking about the corporate income tax, which is based on profits. Your Gross Revenue - expenses. If they didn't get to write that money off, they would lose it AND have to pay taxes on it.

Re:thanks slashdot

Mmmm, if you try using Firefox's live bookmarks and go directly to a slashdot story, the 503 problems automagically dissapear.

Re:Damn right the problem is built-in to the syste

[qbzzt]

If the *credit card companies* were the ones who had to suffer the costs of fraud, rather than shifting it to the companies or to the taxpayer, then they would be a HELL of a lot more motivated to add stronger authentication to the system.

Except they are the ones who pay for it. They get to deduct a business loss from their taxes, because those losses reduce their earnings.

According to Bob Sullivan from MSNBC

[Threni]

> According to Bob Sullivan from MSNBC, "Many of the processing firms interviewed

etc.

Check out his picture from the article:

http://media.msnbc.msn.com/j/msnbc/Components/By li nes/mugs/msnbc_sullivan_bob_smile.cmug.jpg

I'm not sure I'd have put _smile in the filename. _something_stuck_up_his_ass perhaps. Have we finally tracked down the goatse.cx man?

Re:As long as...

[fizban]

Ah, relative morals, don't you just love 'em?

A crook's a crook, no matter his target.

Here are the facts...

[GooberToo]

...I've worked in the credit card industry for many years and am friends with a VP at one of the largest ISOs in the US.

Simple fact is, the system is not designed to prevent fraud. It is designed to detect, catch, and prosecute those that do exploit the system. Granted, the industry has slowly started trying to move toward a more proactive stance, while making it a little harder to comit fraud. But the merchants generally complain about efforts to make it harder on criminals and go out of their way to facilitate these types of problems.

Long story short, you may think you're getting away with these types of crimes, but rest assured, it's only a matter of time before you are caught and placed in jail.

Re:Here are the facts...

[JaxGator75]

you may think you're getting away with these types of crimes, but rest assured, it's only a matter of time before you are caught and placed in jail.

Puh-leeze... They'd have to legalize pot and kick all the "peaceful" felons out to make room for all the new prisoners. There are so many scams going from so many different countries, the Man will never crack down on even a small percentage of them.

However, don't let a little thing like reality keep you from believing that the Cops always get their man...

Re:Here are the facts...

[GooberToo]

LOL. Reality is a real bitch for you isn't it?

Statistically, you stand a far better chance of being caught than not.

Re:Here are the facts...

[JaxGator75]

I would have to be part of the scam to be caught, so I'll assume the "you" thrown in there is directed at someone standing behind me.

Let's assume, for a moment, that these criminals are even in the United States. You know what, nevermind. I feel stupid even acting like that's the case... Good luck putting all those Russian mobsters in American jail for fraud.

Re:Here are the facts...

[infinite9]

I seriously doubt it. Whether or not your caught has everything to do with return on investment. If the credit card company can stick a customer with the cost, that's far cheaper than the legal fees involved in doing the right thing. It's only the big fish that get fried. They persue fraud artists only if they're costing the company more than the legal fees to remove them. It's all part of their business model.

Re:Here are the facts...

[JaxGator75]

Heehee... I'm still laughing at your grasp of statistics.

I suppose you based that "statistically... far better chance of being caught" on the number of people caught and prosecuted VERSUS the number of people that get away with it??? Do I need to point out the flaw in this reasoning???

I guess that means the number of DUIs prosecuted is 100%!!!

Re:Damn right the problem is built-in to the syste

[surprise_audit]

[a friend] called the card company and said "I'll give these guys to you with a ribbon tied around them - addresses, names, the works." "Not interested - bu-bye!"

I hope he went on to discuss it with the FBI (assuming he's in the US). They're normally interested if a reasonable amount of money is involved and if someone else has already done the heavy lifting for them, it would look good on their scorecard...

NOW DC will do something about it.

[DAldredge]

Now, since those that fund the whores in DC are being hurt by this, DC will do something about it.

Wooo!

Hmmm... I wonder if I can masquerade as Microsoft and charge a few billion to their account...

From WordNet (r) 2.0 :

[DAldredge]

From WordNet (r) 2.0 :

theft
n : the act of taking something from someone unlawfully; "the
thieving is awful at Kennedy International" [syn: larceny,
thievery, thieving, stealing]

What is particularly outrageous is ...

[Presence1]

... that the company whose identity is misused is seen as being responsible for the losses. It is the merchant service providers and banks that should be held fully responsible -- they are the gatekeepers who failed to mind the gate, never checking the imposters' identies or association with the company.

"For all of us, it's a tough business," Steinberg, of Merchant E Services, said. "It's a large, large problem."

No Shit, Sherlock. It may be a large, large problem, but it is your responsibility to solve it. If you can't solve it or handle the losses, you shouldn't be in the business. Period.

Any suggestions on how to keep the losses on the banks and service providers, instead of the businesses?

Re:What is particularly outrageous is ...

"For all of us, it's a tough business," Steinberg, of Merchant E Services, said. "It's a large, large problem."

doesn't this sound like....

George Bush: "It's hard work. Fighting terrorism is hard work."

Translation: It's difficult, we're in over our heads... We're not going to do anything about it, though, because we're making a lot of money.

Disclaimer: I am a conservative voting for Kerry. All true conservatives should be voting against Bush.

Re:What is particularly outrageous is ...

[Maestro4k]

• ... that the company whose identity is misused is seen as being responsible for the losses. It is the merchant service providers and banks that should be held fully responsible -- they are the gatekeepers who failed to mind the gate, never checking the imposters' identies or association with the company. ... Any suggestions on how to keep the losses on the banks and service providers, instead of the businesses?

Ultimately they are responsible for it, but it's easier on them to harass the company (or person) who's identity was used and try to make them pay. This ends up making them have to pay for attorneys to get the situation worked out and they end up losing as much, or more, money personally to pay for them. They may not ever have to pay a cent of the fraudulent charges, but the system makes them pay their own legal fees.

What we need is a way to force the merchant service providers and banks to cover legal fees in cases where they failed to properly verify the identity of those they issued accounts to. That would provide a nice incentive to them to start actually doing some due-diligance. Personally I'd be fine with needing to wait an extra week or two to get an account than it be so easy for crooks to obtain one in my name easily (and quickly).

`millions of americans''

[R.Caley]

Notice that the linked to factoid has no information about which 10 people they asked, and which 7 answered, and is supported only by a link to a databse they know most people won't have access too.

They're not even trying to look like they aren't shoveling bullshit.

Protecting data is one thing, but relief ...

[Presence1]

... for the people and companies whose identity is 'stolen' is what is needed.

To leave these people with the burden of proving a negative -- that they didn't do something, is a truly onerous burden, requiring years of wasted time and legal bills.

We need a simple process to prove that it wasn't you, in order to push the responsibility back where it belongs, on the companies whose lax security and verification processes allow these crimes to be perpetrated in the first place.

Perhaps then, they'll get more serious about preventing it.

Re:Protecting data is one thing, but relief ...

[DavidTC]

Well, the first step is to stop calling it identity theft, like there was some harm done to the victim by the original criminal.

There was absolutely no harm done by 'the thief'. All the harm done to the 'victim' was by the companies that were defrauded.

It's rather akin to saying I 'indirectly assaulted' you, when 'I hit some third party, saying I was you, and they run out and punch you.'. Yes, I am a bad person for hitting that person, but so are they, for hitting you. Saying I assaulted you is completely ignoring the other wrong thing that happened.

What we need to do is have some lawyers realize this.

Re:As long as...

[NoMoreNicksLeft]

Tornados are bad things. I believe it is a bad thing when a tornado tears up someone's house, or kills them. If a tornado appears out of nowhere, and shreds Charles Manson, I won't cry however.

Muggers are immoral people. It is wrong to rob people at gunpoint. Sometimes they even kill their victims. If one plugs OJ Simpson, however, I won't cry.

Relative morals is when I decide to steal from these companies, and try to justify it. I don't engage in that. Stupidity is when I sympathize with crooks who are robbed. I don't engage in that either. Try again, asshat.

Stolen?-The "form" of crime.

"No theft has occurred."

You wouldn't say that when you went to take the remaining balance out.

They have a website

[SirLanse]

They must have a static IP address. The location of the computer can be found. Treat the bastards like they stole your PS2. (In Florida we take that stuff seriously)

Re:They have a website

[xombo]

Too bad Florida's government doesn't seem to take anything seriously (like voting).

Quick Pay Systems

I've wondered recently if such a scheme could (and eventually) would be applied to the use of quick pay fobs. The one they're pushing around here is Dexit.

Set yourself up as a Dexit merchant. Mod the hardware so it's wearable and then walk around the busy (shoulder-to-shoulder) underground of Toronto and if you get near someone with a Dexit patch on their cell phone or fob in their pocket, you get paid (any amount you choose).

Clearly you don't need a constant phone line connection as that would defeat the purpose of making these kinds of payments "quick". People have these on their key chains (you can guess pretty accurately where people are going to keep their keys), in their briefcases, and I've even seen many people with them attached to the lanyard around their neck!

Getting set up as a merchant probably wouldn't be difficult as these people are so desperate for any kind of adoption they'd probably sign up anyone...

It's just a matter of time...

Ob Quote Re:Fraud != Theft

[Kozar_The_Malignant]

Who steals my purse steals trash; 'tis something, nothing.
'Twas mine, 'tis his, and has been slave to thousands;
But he that filches from me my good name
Robs me of that which not enriches him
And makes me poor indeed.
-William Shakespeare - Othello the Moor of Venice (Iago at III, iii)

Scary to think

[codepunk]

Scary to think anybody with a jpg image and a compiler can get anything they want off of your corporate network....

Re:And to this I say...

[DigiShaman]

Ya, and I'm sure you would be singing a different tune if you get fired because Corp-X cannot cut you a paycheck.

You wanker....*sigh*

Re:Damn right the problem is built-in to the syste

[Nept]

If the *credit card companies* were the ones who had to suffer the costs of fraud

Then they would never reverse the charges onto the consumer's card. They would just say, "Oh, tough luck ... "
(or at least you would have to hassle them to death, and after they opened an investigation they might give you the money back after a couple of months)

Look it up. Re:Fraud != Theft

[hacksoncode]

All of the common legal definitions of theft run thusly: "theft is usually defined as the unauthorised taking or use of someone else's property with the intent to deprive the owner or the person with rightful possession of that property or its use."

Note the inclusion "of its use" here. It's extremely important. If you have the legal right to use something in a particular way, and someone misappropriates that use, that's theft, whether they actually take something (physical or otherwise) or not.

Copyright is one such legal grant of a right of use.

The ability to use your identity how you wish. Someone else doing so has deprived you of that legal right.

Also, with this weird restricted meaning you've used here, how do you interpret "theft of service"? If I go and break into a hotel room and sleep there without paying, even if I leave it exactly as I found it, it's still theft (legally and morally). Yes... even if the hotel wasn't full (and thus even if I wasn't technically depriving them of a night's revenue due to the unavailable room). I'm using something belonging to someone else without paying for such use. That's theft in almost any jurisdiction.

Re:As long as...

[fizban]

Hello? The original post was about saying it's okay to steal from big companies, but not from small.

How about you try again.

This is not a new scam

[forgotten_my_nick]

I had my credit card number stolen about 4 years ago. The people who stole it used it in such just a system to purchase tons of stuff from Amazon though thousands of mini orders. Actually I almost died when the Amazon support person said "OMG There are thousands of orders! ... oh wait they are not all to you". As far as I know Amazon put a system in place to catch this from happening again (easily).

Money laundering seems to be the in thing for the net these days. Ebay aside, my friend almost got caught out by Jobfastfind.org scam.

Any support?

[freek_daddy]

Statistically, you stand a far better chance of being caught than not. Why do you think this? Is it just what your friend told you or do you have some evidence that this is true?

Re:Any support?

[JaxGator75]

Evidence?!? They've caught them all! What more evidence do you need? Every time a criminal tries to steal from them, they snatch them off the streets and hurl them into PMITA prison.

Meh... I'm not really this bitter, just posting from work on a bad day...

Check 21 will make this easier

Check 21 allows banks and merchants to create electronic substitute checks to expedite check clearing. It will expedite fraud as well. While a fraudulant operation could always wire money out of your bank account without prior consent, a large number of wire transfers would probably arouse suspicion. Now with substitute checks they can extract money wholesale.

You don't have very good protection either. While you will eventually get your money back, the bank has up to 10 days to give you $2,500 back and up to 45 days for the remainder. Aren't you glad you keep your money safe in a bank?

This is an OLD, OLD technique...

[JRHelgeson]

Merchant services have been aware of this type of fraud for a decade or more, this type of fraud is now on an uptick. Thats all.

I remember back in 1996 when I was setting up my company to process credit cards, they had to come and photograph our business, photograph myself, just to PROVE that we were a legit business that would process cards, and all this was sent in with our applicaiton by a trusted THIRD PARTY.

This type of scam was around before identity theft was huge because all the criminals needed was stolen credit card numbers, which have always been plentiful. Next they upped the ante to steal entire identities and went on shopping sprees, then sold the stuff on eBay. Now, they're combining the two scams.

Comment removed

[account_deleted]

Comment removed based on user account deletion

All I can say is:

[ImaLamer]

Thank You...

It needed to be said, what you pointed out that is.

Identity theft is just a term used to scare the crap out of people. It isn't like the person is going to start showing up at work for you and attending family functions - they are just using your bank account or credit card information.

If I steal your credit card and use it I'm not taking your identity - I'm committing fraud by acting as you. That is the way my state has always looked at it. I should know, I've known many people who've gone to jail for that exact crime. AFAIK there is no one sitting in jail for the crime of identity theft...

It is a word like "dirty bomb", a scare word.

Comment removed

[account_deleted]

Comment removed based on user account deletion

The logical solution

[FusionDragon2099]

Pay in cash.

"Credit card merchant providers" are near-crooks

[Animats]

This scam depends on the netherworld of "credit card merchant providers", who are also the money launderers who make spam possible.

If you're a legitimate business, and want to accept credit cards, you go to your bank and open a merchant account. They check your financial history, may demand a deposit (on which they pay interest), want to see you in person, may visit your premises, and make you sign a painful contract. Then they charge you about $100 per month, plus 1-3% of the transaction cost. This is the way real companies do it.

If you're a less legitimate business, there are services for you, too. Charge-It-Now is a more or less legitimate one. "Now you can be approved to accept credit cards in as little as two hours and have a live merchant account in 24 hours. Applying online for our Internet processing software has never been easier. The entire application process is done online in less than 10 minutes and with our digital signature approval process; we do not need a physical signature. We deposit funds directly into your existing bank account. ... We accept 98% of applicants". At this tier, the rates are higher and the merchant is more likely to be doing something dodgy. These outfits aren't regulated as banks. They're resellers of banking services. They need to be better regulated.

Further down in the muck, there is the "high risk merchant account" business. "Has PaySystems or other merchant providers shutdown your company, virtually stopping you from processing credit cards? ... Good Credit / Bad Credit okay! ... We pride our business on the fact we can place just about any business type. Even if you've experienced problems in the past with other processors or have a low credit rating." This is where your mid-grade spammer gets credit card processing. Most of those operators need to be kicked out of the credit card system.

Down at the bottom, there's "offshore high-risk credit card processing". "Merchant account service for bad credit, high risk, gambling, and adult related business." This is the land of 15% fees, long holdbacks, and processors who disappear suddenly. Here we find companies operating from undisclosed locations, a criminal offense in many jurisdictions. These outfits help crooks and spammers launder their money, evade taxes, and hide from law enforcement. These operators are essentially part of organized crime.

Urggghhh

[ImaLamer]

You don't get it.

Fraud:

A deception deliberately practiced in order to secure unfair or unlawful gain.

or:

An intentional perversion of truth for the purpose of obtaining some valuable thing or promise from another.

Or better from the FTC site:

How can someone steal your identity? Identity theft occurs when someone uses your personal information such as your name, Social Security number, credit card number or other identifying information, without your permission to commit fraud or other crimes.

Re:Damn right the problem is built-in to the syste

[bitswapper]

Except they are the ones who pay for it. They get to deduct a business loss from their taxes, because those losses reduce their earnings.

Not Neccessarily. Recently, in SD and perhaps other states, banks have started to push local legislation to allow them to create credit-issuing subsidaries which, upon declaring bankruptcy, can dissolve with no liability to the bank they belong to. They can also lose money without the loss showing up on the parent bank's balance sheet.

This is happening on a strictly local level, and the regulations allowing the creation of this special subsidary are passed by committee - they are not voted on, or debted in any way. Its quite simple: the banks representatives show up at committee hearings, and submit their request. Even more interesting, the committees are not financial ones (soil conservation, for example), yet the regulations get passed just the same. The locals sitting on the committe don't see any reason not to grant the request. If one committee tells them to get lost, they move onto the next committee, until the regulation they want gets passed. The banks doing this have names like wellsfargo, bankamerica, and so forth.

The question is: why would a bank want to insulate itself from financial loss or bankruptcy in this way? Any answers? Are they getting hit hard by credit card theft? Is this kind of subsidary normal, or am I just paranoid?

I'd like to create a subsidary of myself that can declare bankruptcy without it affecting me.

disinterested?

[brauwerman]

It's really annoying when a single word no longer means anything, and concise communication becomes impossible.

http://dictionary.reference.com/search?q=disinte re sted

Usage Note: In traditional usage, disinterested can only mean having no stake in an outcome, as in
Since the judge stands to profit from the sale of the company, she cannot be considered a disinterested party in the dispute.
But despite critical disapproval, disinterested has come to be widely used by many educated writers to mean uninterested or having lost interest as in Since she discovered skiing, she is disinterested in her schoolwork.

Oddly enough, not interested is the oldest sense of the word, going back to the 17th century. This sense became outmoded in the 18th century but underwent a revival in the first quarter of the early 20th. Despite its resuscitation, this usage is widely considered an error.

In a 1988 survey, 89 percent of the Usage Panel rejected the sentence
His unwillingness to give five minutes of his time proves that he is disinterested in finding a solution to the problem.
This is not a significantly different proportion from the 93 percent who disapproved of the same usage in 1980.

Re:Damn!

[jmcmunn]

How the heck does a comment about iPods get rated offtopic in an iPod thread? Sometimes moderators have their heads up their asses.

I can see if I made some off hand comment, but this was just an honest replay about my iPod...WTF people. 50% of the time a comment like this would get modded up as "Insigtful", which is equally as wrong. A simple "Funny" or nothing at all would suffice. Not every comment has to be categorized as something. This is why you all need to meta-moderate more often...keep moderators honest.

Re:Damn right the problem is built-in to the syste

[mdfst13]

"I'd like to create a subsidary of myself that can declare bankruptcy without it affecting me."

So why don't you? How hard is it to incorporate in Nevada/Deleware these days?

Re:As long as...

[NoMoreNicksLeft]

The original post accused me of moral relativism. Which isn't the case. I didn't realize you were anaology-impaired though, or I would have drawn a picture.

Re:Damn!

you replied to the wrong thread. Your iPod doesn't have much to do with Identity Theft. Unless maybe your iPod is your identity...

Re:Damn right the problem is built-in to the syste

[qbzzt]

Not Neccessarily. Recently, in SD and perhaps other states, banks have started to push local legislation to allow them to create credit-issuing subsidaries which, upon declaring bankruptcy, can dissolve with no liability to the bank they belong to. They can also lose money without the loss showing up on the parent bank's balance sheet.

The question is, who gives those subsidiaries the money they loan out, which got stolen. A credit-issuing subsidiary is only as important as the amount of money put in it.

That's nothing new...

[Vthornheart]

Embezzling money from companies via Corporate accounts? CEOs have been committing this crime at least since the 80s. ;)

Better colors

http://shit.slashdot.org/article.pl?sid=04/10/08/1 333219

Re:Damn!

[jmcmunn]

Wow...my bad. I am positive I was in the iPod story, I even read over the story at the top of the page while I was writing my response. I shall report a bug to Slashdot, and appologize for the offtopicness of my comment.

Not an anonymous coward- waiting for a pasword.

Hi all,
After I nearly became the victim of ID Theft for my business via an online scam, I started looking into the industry, trying to understand what was going on and how I might protect myself.

What I learned:
There's no 100% effective way to prevent yourself, or your business, from being a victim of identity theft. There are ways to decrease the likelihood that you will become a victim, but that's it.

This, to me, became a cause. I now present all over Colorado and Wyoming about ways identity theft takes place, trying to make clear to people of all ages and backgrounds how serious this is.

What most people don't realize is that many identity thefts take place in different jurisdictions. for example: your company's merchant account is used to purchase homes in Florida and California, and let's say that you live in Montana. You go to Montana police to report the crime, but they say that there's nothing they can do because it happened in Florida and California. So you call police in those states, and there's nothing they can do, they say, because you live in Montana. So you call the FTC, whose web site (actually) says "While the FTC does not resolve individual consumer identity theft problems, your complaint helps us to investigate fraud, and can lead to law enforcement action." So you think, well, I'll contact the Better Business Bureau, whose web site says "If your complaint is against the Identity thief, it is unlikely that the BBB can assist you. We urge you to contact the Federal Trade Commission."

And those of you who have tried to deal with the credit card companies and the credit bureaus know what a ridiculous prospect that is. I mean, think about it - 9.9 million victims of identity theft in 2002 - that's 27,000 people who line up in the morning at the credit bureau's doors, and the credit card companies' doors, and they don't all get dealt with that day, but 27,000 come the next day, and 27,000 the next, and so on.

I am associated with a NYSE company, and a NASDAQ company. I do market their combined service, which is the best solution for helping individuals and businesses to make sure that this crime doesn't happen to them, and that if it does, that they will have all the help they need. If you are currently dealing with this issue, I can help you, and it really won't cost you very much (like next to nothing). I am also really wanting to train some people to do what I do (or better than I do), so that we can get the word out to as many people as possible, before this affects them, and especially if it's already affected them. We have people working with us both part-time and full-time, earning incomes between $500/month and $15,000/month.

Within the next two-five years, all of us will pay for some sort of identity theft policy, either built into the insurances we already have, or as a separate product. From a business standpoint, I would like to have many of those people as customers as possible - wouldn't you, if the product you offered really helped them? From a personal standpoint, I've seen most of what is available today for identity theft protection, to help people and companies, and none of it holds a candle to what we do to help protect people, and restore their good names.

If you fit into either of these groups (need help with an Identity Theft/fraud, or would like to make part-time or full-time income offering a better product than what most everyone will elect to have), please email me at jkraft@strive4impact.com). You can also call me at 877 825 7119 (Leave a voicemail if no answer) Like I said, I'm not an anonymous coward :) I just came across this forum after researching Google for Identity Theft articles online, and felt like I had to respond even though I hadn't (and still haven't) received a Slashdot password.

Please let me know if I can help you deal with this most challenging of crimes.

Thank-you,
Jonathan

Completely amazed that there wasn't any real help

[strive4impact]

Hi all,
I nearly became the victim of ID Theft for my business via an online scam, I started looking into the industry, trying to understand what was going on and how I might protect myself.

What I learned:
I was completely amazed that there wasn't any real help through governmental organizations or credit card/credit reporting companies. There's no 100% effective way to prevent yourself, or your business, from being a victim of identity theft. There are ways to decrease the likelihood that you will become a victim, but that's it.

This, to me, became a cause. I now present all over Colorado and Wyoming about ways identity theft takes place, trying to make clear to people of all ages and backgrounds how serious this is.

What most people don't realize is that many identity thefts take place in different jurisdictions. for example: your company's merchant account is used to purchase homes in Florida and California, and let's say that you live in Montana. You go to Montana police to report the crime, but they say that there's nothing they can do because it happened in Florida and California. So you call police in those states, and there's nothing they can do, they say, because you live in Montana. So you call the FTC, whose web site (actually) says "While the FTC does not resolve individual consumer identity theft problems, your complaint helps us to investigate fraud, and can lead to law enforcement action." So you think, well, I'll contact the Better Business Bureau, whose web site says "If your complaint is against the Identity thief, it is unlikely that the BBB can assist you. We urge you to contact the Federal Trade Commission."

And those of you who have tried to deal with the credit card companies and the credit bureaus know what a ridiculous prospect that is. I mean, think about it - 9.9 million victims of identity theft in 2002 - that's 27,000 people who line up in the morning at the credit bureau's doors, and the credit card companies' doors, and they don't all get dealt with that day, but 27,000 come the next day, and 27,000 the next, and so on.

I am associated with a NYSE company, and a NASDAQ company. I do market their combined service, which is the best solution for helping individuals and businesses to make sure that this crime doesn't happen to them, and that if it does, that they will have all the help they need. If you are currently dealing with this issue, I can help you, and it really won't cost you very much (like next to nothing). I am also really wanting to train some people to do what I do (or better than I do), so that we can get the word out to as many people as possible, before this affects them, and especially if it's already affected them. We have people working with us both part-time and full-time, earning incomes between $500/month and $15,000/month.

Within the next two-five years, all of us will pay for some sort of identity theft policy, either built into the insurances we already have, or as a separate product. From a business standpoint, I would like to have many of those people as customers as possible - wouldn't you, if the product you offered really helped them? From a personal standpoint, I've seen most of what is available today for identity theft protection, to help people and companies, and none of it holds a candle to what we do to help protect people, and restore their good names.

If you fit into either of these groups (need help with an Identity Theft/fraud, or would like to make part-time or full-time income offering a better product than what most everyone will elect to have), please email me at jkraft@strive4impact.com). You can also call me at 877 825 7119 (Leave a voicemail if no answer) Like I said, I'm not an anonymous coward :) I just came across this forum after researching Google for Identity Theft articles online, and felt like I had to respond even though I hadn't (and still haven't) received a Slashdot password.

Please let me know if I can help you deal with this most challenging of crimes, or increase your income by helping to protect others.

Thank-you,
Jonathan

Credit Card Fraud Suspects

These are CC Fraud suspects in the Philippines that was research over time. Visit the webpage
http://www.geocities.com/pinoyhackers2000 /