Slashdot Mirror
The Notable Decline of Identity Fraud
Orome1 writes "In 2010 the number of identity fraud victims decreased by 28 percent to 8.1 million adults in the United States, three million fewer victims than the prior year. Total annual fraud decreased from $56 billion to $37 billion, the smallest amount in the eight years of the study. While overall fraud declined, consumer out-of-pocket costs rose significantly, mainly due to the types of fraud that were successfully perpetrated and an increase in "friendly fraud." The number of identity fraud incidents decreased by 28 percent over the past year, which brought them down to levels not seen since 2007. The mean fraud amount per victim declined from $4,991 in 2009 to $4,607."
Thieves have a good chance of stealing the identity of someone that is probably worse off than them.
With the mean amount per victim so (relatively) low, I guess it's just not worth it for the criminals doing it on an individual basis. All the rational criminals must be moving to more lucrative sources of ill-gotten gains.
Coincidentally, I don't get offers of free credit in the mail from EVERY bank in the United States anymore either. Wonder if that could have anything to do with it.
Identity fraud is nearly non-existent here in France. All credit cards have pin numbers and taking credits requires the use of state-manufactured ID. IDs are very hard to fake and use of fake ID is harshly punished (relatively to other property crime that is, our judiciary system is globally lenient). Paper checks are discouraged and ID is mandatory for using them anyway.
Just make banks liable for losses and they will make sure it doesn't happen very very fast.
Spam levels dropping, less identity fraud... It's all about censorship and connecting to twitter through smoke signals nowadays.
Give me back my internets!!
This might simply be a temporary decline based on the economic downturn. People have less money to be lost and are overall more hesitant to get involved in any transaction, fraudulant or legit.
A colleague of mine was a victim; it's a royal pain in the ass to get straightened out. The perpetrator somehow got a hold of his Social Security number, and got a credit card in my colleague's name at either Lowe's or Home Depot (building suppliers, for the non US folks). The perpetrator maxed out the card in one day. Since the crook gave a false address, my colleague never got the bill. So it wasn't paid, and this set off some sort off nuclear credit chain reaction which blocked all his credit cards. When he finally figured out what happened, it took him weeks to get it all right again. So the money is the smallest problem. It's the collateral damage that is the big problem.
Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
These days, the victims don't have any money to steal. Just debts, and most thieves don't want to steal that!
Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
As a European recently moved to the Americas I'm frequently baffled by the procedures of identity verification.
How do you allow businesses (whom run the government) to profit by the presence of somewhere in the magnitude of 1e7 illegal aliens, yet not open the system too wide for theft?
Also note that a fraction of the "theft" is actually fraud, and how do you set up procedures to catch at least some of the fraud. Yes thats all very terrible when someone has to spend X hours of their life cleaning up a $Z "theft". Now would you accept $Y in cash, where $Y/X is some multiple of your hourly wage, to ...
Given those two datapoints, which you apparently don't have, things will make a little more sense...
"Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
Now that it's notable, it has a chance of being accepted as a Wikipedia article right?
Somebody used my wife's credit card number to buy merchandise and ship it to an address on the opposite coast. So she called up the credit card company and asked them what address was used. They refused to give it to her, citing privacy concerns! WTF, the identity thief's right to privacy now trumps the cardholder's right to go there and kick their ass?
I've abandoned my search for truth; now I'm just looking for some useful delusions.
More importantly; Does his wife?
While "Identity Fraud" is a step up from "Identity Theft", it still poses it as a problem of the victim. In car theft, you are out one car. Did you leave it unlocked? Did you park in a bad side of town? It's somewhat your problem.
In "Identity Theft", you are often nowhere near the crime, or really had no way to stop it. Underpaid waiter writes down your visa number and expiration date while you pay your bill - bam! Someone calls the bank knowing your mother's maiden name and your grade school - bam!
Yet somehow, it's your fault.
Identity fraud is better - someone has been busy defrauding people - it's not you. By moving it away from the word 'theft' to 'fraud', it puts people in a different frame of mind, like forgery and such where the victim really has no chance of stopping it from happening.
But: identity fraud is still different from credit fraud, and the press seems to like lumping them together. We already have laws on the books for when someone defrauds a bank claiming to be you, yet the current debate and billing systems still put it in YOUR lap. As soon as we get a good consumer lobbyist in place, we'll get the laws changed to make the banks take responsibility when someone lies to them, instead of you being responsible for cleaning up the mess.
Ok, that last one was a bit of a fantasy. Sorry about that.
In Europe we have hard to fake Government issued IDs for everyone.
No we don't. Lots of Europeans don't have government issued IDs.
Quidnam Latine loqui modo coepi?
Why are you telling the waiter your mum's maiden name
It pays to be obvious, especially if you have a reputation for being subtle.
I think it has more to do with the banking downturn. Banks are into risk avoiding mode, and won't give loans/mortguages to just anybody. It's clearly not due to better enforcement of laws, we're still wasting most of our policing on the war on drugs.
* ab is away - gone, if anyone talks in the next 25 minutes as me it's ba being an asshole -
[ab] HAHAHA DISREGARD THAT, I SUCK COCKS
http://bash.org/?5775
With so many children born out of wedlock and divorces theres good chances that someones mothers maiden name is their current last name.
A passport has no address, so supplying some proof of it is hardly "hilarious". Easy setup and access to accounts works fine 99% of the time in the US and is not more disturbing than having your identity verified through the government's secret service apparatus on a daily basis or losing your phone service because you forgot a password and are no longer authorized to access such a high-security device.
Plenty of people advertise that kind of information on Facebook. You can even indicate who your parents are on there. And they made it so if you get married you can still list your previous name so people can search for it.
While people are dumb for publicly giving that kind of information away (at least set your profile to private!); banks and other financial institutions should also have more rigorous security questions. Even better is what I've seen some sites do where instead of having 5-8 predefined security questions, they let you write your own.
Someone stole my credit card and used it to purchase crap on the internet and get it shipped to me. Why to me? Because the fraudsters got a kick back on the sale for the referral.
I noted something interesting. The packages for me arrived at my house thanks to USPS, but they had the wrong address.
I called the vendors who charged my credit card and shipped the merchandise, and I learned a few interesting things.
1. The vendors did not have my correct address or phone number, yet my credit card company allowed them to charge my card anyway. WTF?
2. The vendors were very eager to refund me the money, even if I did not return the merchandise, because the credit card company would charge them a very large fee if they got a "charge-back."
It appears to me that banks are fine with fraud, because either
1. you won't notice the wrong charges on your card, or
2. they'll make money by stiffing the vendors.
Americans don't want the government to know that they exist, apparently. They have to go door to door asking how many people live in each house in order to even know how many people live in the US. They do it every ten years. No wonder anyone can pretend to be anyone.
Why are you telling the waiter your mum's maiden name
It's very very easy to find out someone's mother's maiden name just from public records.
I guess it means we are all getting a bit smarter and wiser to the different schemes out there...although there are still some that would believe that if you send them some money in nigeria their royalty family will be able to send you mountains of money.
Isn't that roughly the same amount that spam has dropped by recently..?
Ceci n'est pas une
Maiden name's not really needed. A thief (and yes, I think of him/her as a thief) opened an account in my name using my name, address, SSN and date of birth. They got my mother's maiden name wrong, but the credit card company still approved the (online) application and sent them the card. Luckily, they used my address and then tried to update it and the card went to me instead of them. Otherwise, they would have activated it, maxed it out and stuck me with the bill.
My sci-fi novel, Ghost Thief, is now available from Amazon.com.
Actually, one of the more common cases in the credit fraud is among relatives. One person in a family has decent credit, and another member - not so good. Siblings are somewhat common, while aunts and cousins are less so.
Having data that's part of public record being made into the 'secret question' is pretty bad. Some questions aren't so public (like 'where did you meet your spouse?'), but the whole system is based off of the ability to start these lines of credit - or criminal arrests - with the use of 'secret questions' just means that the crime is easier if the criminal knows you.
My brother just got out of four years of jail for a crime he DID commit. Unfortunately, some bozo gave my brother's name when he got arrested, so now my brother has an "AKA" on his rap sheet.
It's a just a password, and I've been using a arbitrary uncommon name since they started asking dozens of years ago.
a) I don't want you to know anything about my mother
b) I know they don't care to check because no one has... it's just a password.
Make sure everyone's vote counts: Verified Voting
I repeat: when I complained that the question they just asked me was meaningless as a method of identity verification they agreed and offered me, at that point an unverified individual, to lock the account down with a password. Good job.
Well, if you were posing as someone else, you wouldn't have bothered to complain about security. So there's a good chance you're the real customer.
The Quirkz Handbook of Self-Improvement for People Who Are Already Pretty Okay
Horrible name, but In case anyone else was wondering wts it meant: “Friendly fraud” is on the rise—Friendly fraud - fraud perpetrated by people known to the victim, such as a relative or roommate - grew seven percent last year, with consumers between the ages of 25-34 most likely to be victims of this type of fraud. People in this age group are most likely to have their Social Security number (SSN) stolen—with 41 percent of fraud victims in this group reporting theft of their SSN.
Being not from the US, I was under the impression that social security numbers are almost public knowledge there - that you're required to hand them over when signing up for all sorts of things right down to signing up in a video store, etc. What's more, they are simply a guessable 9 digit number - not linked to a biometric, a PIN, a photo or anything. So, if they cannot be used as an authenticator, and a number of people/companies know it or have access to it, what is the problem if one is stolen?
Why don't american payment-systems have any security ?
Why are credit-cards still set up so that anyone you've ever paid to with the card, has all the info they need to charge the card. (card-number and expiration-date)
It's stupid, and it's useless.
When I pay by card in a restaurant here, I do it by inserting a chip-card into a (often hand-held) terminal. The terminal does challenge-response to validate the card, and requires a 4-digit pin in addition.
Thus the waiter, even if he saw you enter the pin, would still *also* need to steal the physical card to be in business. It's not a perfect system, but helluvalot better than "mothers maiden name" bullshit.
It baffles me. Why not add some actual security ? It's not new, and it's not hard. So why not ?
The basic reason is that people are happy to use their unsecured cards and the credit card companies at least think that they benefit more from convenient transactions than they lose from fraud (it is likely true, they mostly push the costs of fraud onto retailers).
And by 'happy', I don't quite mean happy, I just mean that people continue to use their unsecured cards.
Nerd rage is the funniest rage.
Fair enough, but it's not as if it's less convenient paying by card here, infact Norwegians pay by card a whole lot MORE than Americans, partly as a result of convenience.
It's not a hassle to do: "insert, enter-pin, wait ~2s, withdraw" a card. In fact paying by card is significantly faster than paying cash here since the latter typically involves giving change etc.
Online, it's *slightly* more of a hassle, but still no biggie. What happens there (since I can't prove physical posession of the card online), is that that's replaced by physical posession of my phone.
I enter the card-number, get a SMS with a one-time-pin and enter that in a separate field. That way someone knowing all my card-details still can't use that information to buy stuff online with the card, because they'd -also- have to steal my physical phone (or atleast intercept a SMS sent to it) which significantly raises the bar.
Two-factor is the way to go. (for example posession + knowledge) American credit-cards are one-factor. (knowledge)
Sure, perception of convenience might be better there. Still, the basic dynamic is that card users don't care enough to stop using their cards and there is some mix of factors keeping the card companies from doing anything about it; I expect that their ability to avoid much of the cost of fraud and reticence about the costs of switching to a new system are high up on that list.
Nerd rage is the funniest rage.
Maybe Lifelock is finally working?!?!
Harrison's Postulate - "For every action there is an equal and opposite criticism"