Slashdot Mirror
Ask Slashdot: Dealing With Ongoing Suspected Identity Theft?
njnnja writes: My wife receives periodic emails (about once every other month) from a cable company that is not in our service area that purport to confirm that she has made changes to her account, such as re-setting her password. Her email address is not a common one so we do not believe that it is someone accidentally using it; rather, we believe that an identity thief is subscribing to cable services intentionally using her name and email address.
Whenever we have gotten an email we have called the cable company, been forwarded to their security department, and we are assured that her social security number is not being used and that they will clear her name and email address out of their system. Yet a few weeks later we get another email. Our concern is that when the cable company goes after my wife for the unpaid balance on the account I am sure that neither they nor a collection agency will care much that it's not her social security number — it's her name and they will demand she pays.
We have a very strong password (long, completely random string of chars, nums, and symbols) and 2-factor authentication on the email account so we are fairly certain that no one is currently hacking into her email (at least, it's not worth it for however many thousands of dollars they can actually steal off this scam), But we think that the cable company should be doing more to not be complicit in an attempted identity theft. We have made it clear that we don't live in the area they cover so we should not have an account, but the fact that they keep setting up an account in her name means that they just don't care. Which is fine; I don't expect a cable company to care that they inconvenience us, but I would like to know if there is any way that we can make them care about it (liability, regulations, etc). I know YANAL but does anyone have any ideas about how to handle this? Thanks. Have a question for Slashdot's readers? Take a look at other recent questions first to see if someone else has had a similar question. And if not, ask away! The more details and context you include, the more likely your question will be selected.
Whenever we have gotten an email we have called the cable company, been forwarded to their security department, and we are assured that her social security number is not being used and that they will clear her name and email address out of their system. Yet a few weeks later we get another email. Our concern is that when the cable company goes after my wife for the unpaid balance on the account I am sure that neither they nor a collection agency will care much that it's not her social security number — it's her name and they will demand she pays.
We have a very strong password (long, completely random string of chars, nums, and symbols) and 2-factor authentication on the email account so we are fairly certain that no one is currently hacking into her email (at least, it's not worth it for however many thousands of dollars they can actually steal off this scam), But we think that the cable company should be doing more to not be complicit in an attempted identity theft. We have made it clear that we don't live in the area they cover so we should not have an account, but the fact that they keep setting up an account in her name means that they just don't care. Which is fine; I don't expect a cable company to care that they inconvenience us, but I would like to know if there is any way that we can make them care about it (liability, regulations, etc). I know YANAL but does anyone have any ideas about how to handle this? Thanks. Have a question for Slashdot's readers? Take a look at other recent questions first to see if someone else has had a similar question. And if not, ask away! The more details and context you include, the more likely your question will be selected.
Is it addressed to her name or her email address? If just the latter, than who cares, add it to the spam filter. Or recover the login information and unsubscribe the person from all their services.
Your hair look like poop, Bob! - Wanker.
I've never heard of a company being able to do this. If they don't have your wife's SSN or mailing address, how would they bill you (her) for service? I'm not sold on this being intentional identity theft - are you seeing any other signs of this happening? The last time my info was compromised I saw plenty of other activity that indicated it happened. This seems like a strange case of mistaken identity from my vantage point.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
That which can be explained by a cable company's incompetence.
Your next stop at this point should be the regulators for the state where the cable company is operating. File a complaint with them. You may also want to file a complaint with your own state's regulators.
Most public utilities, cable, electric, telephone are hypersensitive to complaints filed with the regulators, even if it doesn't show publicly, because it affects the rates they can charge.
Good luck!
If all possible, look at all the headers in the email to verify that it truly is coming from that cable company. Also, when you call the company, do they really have an account for her?
Which is easier to believe: That a sophisticated criminal organization is involved in an ongoing plot to usurp your wife's identity and destroy her credit, or that the local cable company is run by a a bunch of half-wits who couldn't figure out how to cancel an account or correct false customer information if their jobs depended on it?
Or, perhaps that Slashdot is a good source for legal advice?
Record your conversations with the cable company. If they do something stupid, like put things in credit reports, you can sue them.
But so far nothing seemed to have happened.
Are you sure that the cable company in question is a legitimate business and not just a scam hoping that you call them to be 'forwarded to their security department' so they can pull personal information from you... ya know, to make sure that you "aren't being billed anything". (sounds like a reasonable hook, to me)
Otherwise I'd imagine using someone else's name and e-mail address is not in any way indicative of a contract and they wouldn't be able to prove anything to go after you, personally.
Her email address is not a common one so we do not believe that it is someone accidentally using it; rather, we believe that an identity thief is subscribing to cable services intentionally using her name and email address.
Or someone just happened to use a similar email address and misstyped theirs. Are you actually getting emails regarding unpaid bills for the cable company, or is it just simple account-type stuff like changing passwords? Or charges attempting to be made against any of your credit cards? If you are getting emails once a month, it sounds to me like someone put in the wrong email and when they go to pay it online they change the password because they can't log in. And even if there was an unpaid balance, the first thing they would do is send the bills to the physical address they have on file or to the holder of the card that was used to intially set up service, which is also where any collections would likely start.
Hell, 10 years ago I used to get recordings on my phone that someone had overdue movies at Blockbuster. I didn't immediately assume someone was using my identity to steal movies from them in some criminal enterprise, I just figured they had put in a wrong number.
The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
Are you familiar with the recent judgement against Time Warner Cable over a very similar matter?
we are assured that her social security number is not being used and that they will clear her name and email address out of their system. Yet a few weeks later we get another email.
Then they are not clearing it out: they are either incompetent or lying. Consider having a lawyer draft a letter referencing this recent judgement. That might help.
My wife has had this happen to her too. Someone used her e-mail address when signing up for their Comcast account and Comcast kept e-mailing my wife with account updates. (We're not in a Comcast area.) She called and they essentially said there was nothing they could do since she wasn't the account holder. They needed the account holder's permission to change the e-mail that was going to my wife. The same account holder who put in my wife's e-mail address in the first place. (I believe they eventually contacted the person and sorted the issue out, but she still gets the occasional e-mail when the person again puts my wife's e-mail address into a system.)
All this being said, I wouldn't say that "has the wrong e-mail address in the system" is Identity Theft. You're getting pestered with e-mails, sure, but they aren't impacting your credit report, charging you for the other person's service, or anything else. As a victim of Identity theft myself (my name/SSN/DOB/address were used to open a credit card in my name), it takes a lot more than "put your e-mail address in the system" to qualify.
My sci-fi novel, Ghost Thief, is now available from Amazon.com.
The magic word is 'fraud' or 'fraudulent'. Add those to your request and they tend to get to eyes who give a damn.
For sites with email as an option to complain, those magic works make it always work for me. They usually even realize I can't login to the account to change the email without me pointing it out to them.
Slashdot Patriotism: We Support our Dupes!
Are you certain the emails are from the cable company? A common scam is to send fake emails to convince you to give them your account info and passwords. Usually those scams are for bank accounts, but you never know -- especially since they're asking you to make a payment. Is the URL in the email the same as the cable company?
Another possibility is that someone entered her email address instead of their own when making their account.
Don't waste your vote! Vote for whoever you want, unless you live in a swing state it won't matter anyways
My policy is to never respond to emails that I receive if they are intended for other people. Here's why.
Back in 1998 I received an email intended for an attorney at a personal injury law firm. The firm's domain name is very similar to mine, the only difference was that they have a hyphen in their domain name and I don't. Being a good guy, I replied to the sender saying he had the wrong email address. That was a serious mistake.
I was accused by their office manager of hacking their emails. I told her that I don't control who sends email to my domain. She said I shouldn't open email not addressed to me, and the firm reported me to the US Attorney for their location for violating attorney/client privacy. Back then, the name, address and phone number of domain owners were always public so it was easy to discover my details.
The US Attorney passed the information to the FBI and I received a visit from two agents who were polite but computer clueless and somewhat concerned about what had happened. As I said, this was 1998 and the whole concept of malware and hacking was somewhat new and esoteric. I explained to the agents in detail what had happened, showed them my email setup and explained how email works. They thanked me and left saying they would be in touch. I haven't heard a word from either of them or anyone else about the complaint since.
However, this experience did change my attitude to incorrectly addressed email. I've received several emails for this law firm since then and I ignored them. These days a complaint of this nature would be ignored but why take the chance.