What You Should Know About Identity Theft
Published, December 1, 2008
During the past year, the Department of the Navy has experienced a few documented cases of identity theft linked to the loss of government privacy information. This Privacy Tip focuses on how thieves steal identities and what they do with that personal information, as well as general information about identity theft.
How do thieves steal an identity? Identity theft starts with the misuse of a person's personally identifying information, such as name and Social Security number, credit card numbers or other financial account information. For identity thieves, this information is as good as gold.
Skilled identity thieves may use a variety of methods to obtain personal information, including:
- Dumpster Diving: They rummage through trash looking for bills or other paper with personal information on it.
- Skimming: They steal credit/debit card numbers by using a special storage device when processing the card.
- Phishing: They pretend to be financial institutions or companies and send spam or pop-up messages to get people to reveal their personal information.
- Changing Addresses: They divert billing statements to another location by completing a change-of-address form.
- Old-Fashioned Stealing: They steal wallets and purses; mail, including bank and credit card statements; pre-approved credit offers; and new checks or tax information. They steal personnel records or bribe employees who have access.
What do thieves do with a stolen identity?
Once they have your personal information, identity thieves use it in a variety of ways.
Credit card fraud:
- They may open new credit card accounts in their victim's name. When they use the cards and do not pay the bills, the delinquent accounts appear on their victim's credit report.
- They may change the billing address for a credit card so that the victim no longer receives bills, and then run up charges on the account. It may be some time before the victim realizes there's a problem because the bills are being sent to a different address.
Phone or utilities fraud:
- They may open a new phone or wireless account in their victim's name or run up charges on an existing account.
- They may use their victim's name to get utility services like electricity, heating or cable TV.
Bank/finance fraud:
- They may create counterfeit checks using their victim's name or account number.
- They may open a bank account in their victim's name and write bad checks.
- They may clone their victim's ATM or debit card and make electronic withdrawals in their name, draining the accounts.
- They may take out a loan in their victim's name.
Government documents fraud:
- They may get a driver's license or official ID card issued in their victim's name but with their photo.
- They may use their victim's name and Social Security number to get government benefits.
- They may file a fraudulent tax return using their victim's information.
Other fraud:
- They may get a job using their victim's Social Security number.
- They may rent a house or get medical services using their victim's name.
- They may give their victim's personal information to police during an arrest. If they do not show up for the court date, a warrant for arrest is issued in their victim's name.
Useful Identity Theft Information:
- The Federal Trade Commission (FTC) reports approximately 3.6 percent of the U.S. adult population has experienced identity theft. ID theft of children and the deceased are on the rise. Additionally, medical identity theft is a growing concern.
- The most common forms of identity theft are the fraudulent use of PII to open a new line of credit and the use of credit/debit card account numbers to make purchases.
- The full Social Security number linked to a name are key elements to committing identity theft.
- Crimes are more often offline than online.
- A significant amount of PII, including Social Security numbers can be found in public records.
- Risk is greatest when information is stolen by someone targeting the data e.g., by a hacker or a burglar.
- Most victims find out about identity theft through an adverse action such as a creditor demanding payment on a late bill.
- Half of known identity thieves were known by their victims; one-fourth were dishonest employees.
- The President's Identity Theft Task Force recommended Federal agencies reduce the unnecessary use of Social Security numbers, which it called "the most valuable commodity for an identity thief."
- Phishing attacks aimed at identity theft affect one in four individuals per month.
- Two-thirds of attacks appeared to be from legitimate companies.
- Consumer credit card liability is $50.
- Consumer debit card liability is $50 if reported within 48 hrs, $500 if reported within 60 days. After 60 days the victim may lose all the money in the account plus the overdraft amount.
- The Identity Theft Enforcement and Restitution Act of 2008 makes it easier to prosecute thieves and compensate victims for time and trouble.
- The FTC provides useful information regarding identity theft and valuable prevention tips. Visit http://www.ftc.gov/bcp/edu/microsites/idtheft/
for more information.
For questions regarding identity theft and privacy, contact
Steve Muck, DON CIO Privacy Team Lead.
January’s Privacy Tip will provide steps that should be taken to prevent identity theft and the actions that should be taken by victims of identity theft.