Slashdot Mirror
Identity Thieves Not Big On Technology
alphadogg sends us to Network World, as is his wont, for a summary of a new study of identity theft based on the outcomes of more than 500 Secret Service cases from 2000 to 2006. Here is the study report (PDF). The AP has coverage emphasizing other slants on the findings. Among the surprises: just 51% of convicted ID thieves were sent to prison. Only 20% of the cases involved use of the Internet, and such cases may be on the decline. More perpetrators used good old-fashioned dumpster diving and stealing stuff out of mailboxes.
From the AP article: "The Federal Trade Commission has said about 3 million Americans have their identities stolen annually." And this study covers 517 cases over 7 years (2000-2006). I'm sorry, but I can't see a study of 517 cases during a period of approx. 21 million crimes providing really useful data.
Start a happiness pandemic
My mail slot goes straight to a shredder so I'm safe.
That's odd. This summer in Norway, over 100 000 people got their identity stolen when web-services using the registry of all norwegian citizens (to perform tasks like credit check etc.) leaked personal information. I was one of the victims after 60 000 of those thefts happened through Tele2's website (and I have never had anything to do with Tele2 before). Funny thing is, Tele2 knew about the flaw for about 8 months (after several warnings from the Norwegian Data Inspectorate) before the attack and did nothing to fix it. With that kind of mentality and ignorance among people who have access to our personal information, why should I believe that it is declining? Because someone somewhere have statistics that might suggest that it is?
And a fire.
Have you been touched by his noodly appendage?
A shredder doesn't help when a credit card company delivers a pre-approved credit card offer, or when the community college uses your SSN as your 'Student Identification Number' on a freshly printed postcard.
If Credit Card companies really cared about identity theft, then why do they mail out millions of unsolicited, pre-approved credit card offers every year? Even if someone signs up for the 'opt-out' list, some unscrupulous lenders will ignore the list and send unsolicited offers in the mail.
What percentage of identity theft occurs from someone stealing one of those little envelopes, I wonder.
"Can of worms? The can is open... the worms are everywhere."
Law enforcement is becoming less and less effective at identifying and prosecuting electronic identity theft. After all, only 20% of thieves who got caught used the internet.
That's why, when you get 'em, you shred 'em.
Security is not absolute. It's always about probabilities. You reduce the chance of a breach, but you can never make it absolutely impossible.
That seems to indicate that only cases that had been SOLVED were used in this "study".
Of course, which case would be easier to solve?
#1. Someone in Russia stealing your ID via a keylogger installed on your workstation.
#2. Someone in your apartment building breaking into your mailbox.
they are thieves more interested in stealing money, they are not technophiles...
Politics is Treachery, Religion is Brainwashing
The big money is not in taking cash out of someone's account and hoping that they don't notice.
..... BankAccnt1 - BankAccnt2 etc
Here, you know what databases are, right? Think of a database of every possible Social Security Number.
Then, think about a criminal organization filling in the information they can find from various sources.
SSN - FName - LName - DoB - MomMaiden - Address - SpouseLink - Child1 - Child2
Fill in enough of that information and you can use it to get info on the numbers you don't have filled in.
Now, they are you, as far as any financial institution is concerned. They can take out a second mortgage on your house. They can buy a car in your name. They can steal more from you than you have in any of your accounts.
They can even try to cash out your 401k. They are you.
Technology breeds crime
God spoke to me.
Looking at the number of cases closed is the wrong statistic. In combating the problem of identity theft, or online fraud in the larger sense, what really matters are the actual losses associated with each case.
I don't really care if some mope dug through my dumpster, stole my credit card pre-approvals, and got caught using the fake card running up $200 worth of porn purchases. The case I worry about is the single criminal or criminal organization that systematically steals millions of pieces of credit card data and efficiently exploits each piece to the maximum extent possible.
If the investigation of each of those scenarios is one case then they have equal weight under the statistic used by the article. In terms of actually combating identity theft the latter example and the resultant prosecution is much more important and effective. Unless they discuss the loss amounts associated with cases of each case, this statistic, the conclusions based on it, and the entire article are missing the point and not talking about actually fighting identity theft and are instead talking about looking like you are fighting identity theft.
The other comments are completely on the money pointing out that this is only closed cases and the difficulty of actually closing an international investigation.
All in all another wholly misinformed article about the real threat of identity theft and online financial fraud.
If Credit Card companies really cared about identity theft, then why do they mail out millions of unsolicited, pre-approved credit card offers every year?
This would be a really easy one to fix with just a bit of legislation really. The consumer credit contract should be like applying for any other major loan, consumer signature required for contract to be valid or the contract is void and all claims arising out of it are also void (i.e. the credit issuer or backer shoulders all of the responsibility for loaning out money to a phantom that they couldn't verify). This would place all of the risk for verifying identity and preventing theft on the credit card issuers. Some people might complain that this would make credit harder to get for "deserving borrowers" but really the last kind of credit that those marginal borrowers need is yet another unsecured, high rate, short term borrowing instrument (i.e. the credit card). So what if credit is a bit more expensive because we actually implement security and sound verification practices? The easy credit binges are what brought us the housing bust, the subprime mortgage meltdowns, the dotcom crash and a host of other financial disasters. Do you help an alcoholic with a hangover by giving him another drink? Do we have to give pre-approved credit card offers in the mail to everyone who is breathing and has a pulse? Who needs it?
No surprise that identity thieves aren't big on using the Internet. I mean, think of the risks of their putting personal information out on the 'net... They could have their identities stolen!
"Flag on the moon. How did it get there?"
Interesting timing on this article. Just last night, my wife and I got a call from Discover, asking if we had attempted to use our Discover card recently. It just so happens that the ONLY thing this card is [well, was] used for, was the recurring monthly cost of XM Radio. Other than that, we don't use the card at all.
It turns out that at 9:24PM EDT last night, someone tried to buy $986 worth of crap at a Walmart in Jacksboro, TN. I live in Dallas. So it was definitely not myself or my wife. Thankfully, the charge was declined. Someone had also made a whopping $2.51 purchase at some online computer store which I had never heard of. I don't know what kind of nothing they bought, but that usually wouldn't even cover shipping.
What we think happened is this. Our current cards are set to expire at the end of this month. We both still have our cards, so most likely, someone snagged my replacement card out of the mail. Discover says they did send out replacement cards, but we never got them. I'm still trying to figure out where the cards were mailed from, to see if it was somewhere near TN.
I'm guessing this thief isn't too bright. I'm think they weren't able to actually activate the card, which is why it was declined at Walmart. It may have gone through at the computer site because the card number is the same as my active card, and perhaps they don't ask for the 3 digit verification number on the back.
At this point, I'm working with the Walmart in question to have them save their security tapes on all the registers at that time. I'm also trying to get in touch with the online computer store to see if they have records on where the item was shipped. I'll give that info to the fraud group at Discover and hope for the best.
Even though it hasn't actually cost me any money, I want to nail that punk to a tree. Now we have to deal with having our account closed and switched to a new account. We take reasonable precautions to keep ourselves, safe, but you just can't protect mail you haven't even received yet.
Nothing to see here