Risk Management

   




 

 How I Became An Expert In Identity Theft


by Dick Garland
  After many years as President of an executive recruiting firm specializing in the credit card industry, it is ironic that I now find myself "searched out" in a particularly dangerous, heart-thumping way. The problem? For the third time since July of 1999 I have been the victim of credit card fraud in the form of identity theft. Despite recent media focus that has attempted to spotlight the problem, little is known about it and there have been few attempts to cohesively address it, or to supply a working model to deal with it. I have decided to write about my experience, providing a primer for dealing with the problem. Identity theft truly is a crisis. It undermines public confidence in our entire credit card system and puts every credit card holder at risk. My experience with law enforcement illustrates their inability to remedy the situation. All of the agencies I have contacted simply fill out forms, file reports and, at least in my case, the problem persists.

The Story After returning with my family from a short vacation in 1999, I was confronted with a letter from one of my VISA issuers confirming my supposed move from Westchester County in New York to the state of Connecticut. I immediately contacted the issuer and indicated that that was not the case. Over the next two days I received phone calls from nearly all of the issuers alleging the same bogus information, which of course I refuted.
At the end of the month when the bills arrived, $57,000 had been charged against 3 accounts fraudulently in my name.

 
In February 2001, $14,000 was fraudulently taken to pay existing VISA/MC charges at banks where I did not have credit cards. This was done electronically.

In June of 2001 I received notification from the Post Office that, since I had requested a change of address to Decatur, GA, my mail was now being sent to that address. Of course that, too, was fraudulent and was stopped immediately.

In August of 2001 I was contacted by an issuer reporting an attempt to gain a new VISA card (where I already had an existing account) with a Decatur, GA address. A further attempt at identity theft. And on it goes�

Steps Taken After each incident a police report was filed, the U.S. postal authorities and the U.S. Secret Service contacted (they are supposed to be part of this). In addition all of my VISA/MC issuers were contacted, account passwords were changed and, of course, all three credit bureaus were advised.

The following statement appears on all three of my credit reports and will continue for the next seven years. "Fraudulent applications may be submitted in my name using correct personal information. If you access this file, please verify with me personally, that it is legitimate."

Every contact is followed up with written notification and the file is nearly 6 inches thick!! There appears to be no coordinated effort to catch the perpetrators. When the first incident occurred in July 1999,

I determined that the location of my alleged new address was a Mailboxes Etc. in Monroe, CT., listing an apartment number that in reality was a mailbox. I immediately advised the Postal Inspector of this information and was told he was "too busy" to stake out the location and try to apprehend the individual. UNBELIEVABLE! After the incident in June, I contacted the local District Attorney's office. They advised me to contact the local Secret Service office, which I did. They never even had the courtesy to return my phone call.

What I Have Learned Officially and Unofficially, About How the Scam Works
Somehow knowledge of your Social Security number is acquired. This is not as difficult as it appears. We all give this information to insurance companies, doctors, dentists, hospitals, motor vehicle departments, credit card issuers, employers etc.

The next step is to access a copy of one or more of the three major company credit reports on the individual primed for fraud. Credit reports list every credit card, line of credit, current debt and payment history.

In my case it also listed my mother's maiden name. In many cases the mother's maiden name becomes the password for VISA/MC accounts.

The issuer is then contacted and advised that the individual has moved, and a new address established (Mailboxes Etc.). A different first name is added to the account making it appear as though the individual has added a family member's name to an existing account. An additional card and cash advance checks are issued and mailed to the new address. Now all correspondence, bills, etc. are mailed to that new address. In a short period of time the account is plundered, using either cash advances or balance transfers and perhaps one or two minimum payments made on the outstanding balance to defer suspicion.

I have been told that a gang of foreign nationals are behind this fraud just described and have a level of sophistication that is scary. They use cell phone technology that has the ability to clone land-based home telephone numbers, which are usually required by the issuer to make changes to an existing MC/VISA account. Another method of identity theft which has come to my attention involves criminals gaining possession of unused cash advance checks, mailed by the millions to card holders. The thieves then employ the methods described previously, moving the account to a new fraudulent address.

As to the issuers themselves, it appears that it is less expensive to pay the claims than change the current but ineffective security systems.

Regarding e-commerce security, Cardbuzz Advisory (7/9/01), quotes the FBI as stating, "Over one million U.S. credit card numbers have been stolen and 90% of all passwords can be cracked by hackers." In light of that statement what happened to me sounds like child's play.

It also appears that there is more than one theft ring involved and my information is continually being sold, potentially creating exponentially greater opportunities for theft in my name.

What To Do It is my hope that in reporting this horror story, others in our community who are affected will take action. I have never been a proponent of federal government involvement in private business. But because of the devastating and far reaching effects of identity fraud, I advocate a federal law that will coordinate the activities of local law enforcement, the Federal Postal Inspector and the FBI in the apprehension and prosecution of these criminals.

    Although individuals who are victims of identity theft are not responsible for debts incurred in their names, you would think that issuers must be more aggressive in developing safeguards that will protect both themselves and consumers. Yet, I have been successful in coercing my new password from the customer service department of one of my VISA issuers, suggesting that a more careful approach be taken by customer service representatives too.

In sum, identity theft is a multi-faceted, real world problem that devastates an individual's fundamental feelings about self and safety. To produce solutions there needs to first be an addressing of the problem, as I am doing here, along with the cooperation and education of well-trained staff at the credit card issuers level. The power of the federal government should be used to back them up.

I hope I have provided the reader with an introduction to credit card identity theft with its many consequences and ramifications. Sadly this fraud can happen to anyone, anytime.


Dick Garland is the President of Dick Garland Consultants, Inc., a retained executive search firm specializing in the acquiring side of the credit card industry. Dick Garland Consultants, Inc., 31 East 32nd. St., Suite 300, New York, N.Y. 10016. Phone 212.481.8484, Fax 212.481.9582. E-mail[email protected].






back to articles