Bob Schultz '71 - ID Theft Prevention and Detection Luncheon

Bob Schultz '71, Presents "Identity Theft - Detection and Prevention - Lessons from a Victim" at Chapter October 2003 Luncheon

When immediate past President Bob Schultz offered to share his experience on the subject of identity theft with the Chapter, it was obvious that the subject was on many other people's minds as well. Our private room at Jock's & Jill's was filled with alumni and friends who wanted to know more.

Bob's first comment was that though he was not really glad about having become an expert on the subject, he was happy to share his knowledge with the Chapter in hopes that he might help prevent someone else from going through what he and his wife Linda did when their identities were stolen.

The following is a detailed summary of Bob's presentation. This entire presentation is available as a PDF file at the end of this section. Also available as PDF files are some of the excellent source materials that Bob has collected for his personal ID theft information file over the past couple of years. We recommend downloading them and keeping them for current use and future reference.

Here is Bob's presentation summary.

ID Theft Facts & Statistics

"Stealing someone's identity to acquire -- and use -- new credit cards has become one of the most popular white-collar crimes today, according to fraud investigators from across the country."
-Knight Ridder/Tribune Business News

"This year alone more than 500,000 Americans will be robbed of their identities, and have more than $4 billion stolen in their names."
-CBSnews.com

"In one notorious case of identity theft, the US Department of Justice reported that the criminal incurred over $100,000 of credit card debt, obtained a federal home loan, and bought homes, motorcycles, and hand guns in the victim's name all the while calling his victim to taunt him."
-US Department of Justice

"According to a convicted ID thief in Denver, CO, "On a good day I could make $5,000 in cash and another $7,000 to $8,000 in merchandise..."
-CBSnews.com

"Every 79 seconds, a thief steals someone's identity, opens accounts in the victim's name and goes on a buying spree."
-CBSnews.com

"Experts report that a victim can spend anywhere from six months to two years recovering from identity theft."
-CNNfn.com

"Most people don't find out they have been a victim of a stolen identity until they are turned down for a loan or credit card. A copy of their credit report explaining the denial may unveil weeks or months of fraud."
-CNNfn.com

General Information

First and Foremost – TRUST NO ONE WITH YOUR PERSONAL IDENTITY INFO!

Your personal identity may have already been stolen! (1 of 6 has!) It just hasn’t been used yet. Since 1990 over 33 million personal identities have been stolen!

The most common fraudulent account creation methods are via mail, phone, or the Internet.

The very first thing that an ID thief does upon obtaining your personal identity information is to change the billing address on our bank accounts, if he or she has them. The next thing they do is start opening new credit card accounts at banks other than your current bank. If they have your bank account number, they will open new debit card accounts at your current bank.

The people who steal the personal identity information are normally not the person who uses it. There are three levels to personal identity theft rings: the thieves, the distributors, and the users. It is only the local amateur who both steals and uses your personal identity information. This is not to say that there aren't lots of amateurs out there in this business. There are.

Insurance companies, particularly major medical insurance companies, are one of the biggest sources of stolen personal identity information. Administrative or information technology personnel, who have access to the personal info, are approached and offered tens of thousands of dollars to harvest the information from company computers and sell it to those who specialize in distributing and using the information for fraudulent purposes.

It is a federal crime to possess the personal identity information of a person, other than yourself, without their knowledge and consent. The information does not have to be used fraudulently to constitute a crime. Therefore, a crime has been committed in the city and county where you live if your personal identity information has been stolen. Many local police agencies still do not understand this, and waste much time trying to figure out “where” a crime has been committed to fill out a police report. The crime was committed at your current (stolen) address.

Bob & Linda’s ID Theft

On March 1^st 2001, at 11:00 PM Bob received a phone call from operator #160 at Western Union in St. Louis MO. Renee called to verify that Linda Schultz was currently trying to make a wire transfer of $1,200.00 to an address in New York using her Bank of America Visa credit card. She noticed that the address and phone number for the person requesting the wire transfer did not match the records for Linda Schultz that she accessed on their computer system. Bob informed Renee that though we did bank with Bank of America neither of us had a Visa credit card through them.

The fraudulent Visa credit card was established in Linda Schultz’s name using her correct social security number and correct date of birth. Renee said that the work address given for Linda Schultz was “L.S. Associates” in Norcross, GA (which doesn’t exist) and that a false Marietta GA phone number was given. The home address that was listed for Linda was “3336 North A, Philadelphia, PA 19134”. (That address was actually a post office box “front” typically used by crooks for fraudulent purposes. It turned out that the Philly address is where all of our bank statements were being sent! The thieves changed the billing address over the phone and the bank let them do so, without knowing our account security password!)

So, the bad news was that our identities had been stolen. But, the good news was that the thieves chose one of the worst things to do first (a wire transfer), which put us on their trail immediately, and allowed us to stay just barely one step ahead of them for the next few months.

In the coming months a total of five new credit cards were applied for and approved using both of our names. Two VISA credit cards at Capital One, two VISA credit cards with Bank of America, and one VISA debit card linked directly to our joint checking and savings accounts with Bank of America! More bad news… the thieves knew where we banked and had at least one of our existing bank account numbers. Over the next few months, airline tickets were purchased for airline flights to and from Philly and New York, gasoline purchases were being made in Philadelphia and charged on one credit card, and various retail purchases were charged on another one of the fraudulent credits cards before we could close the account.

In summary, Bob and Linda have now closed all of the holes to the best of their knowledge. Once the thieves realize that you are on to them (you close accounts as fast as they open them, and put fraud alerts on your credit reports and bank accounts), they put your ID info on the back shelf for future use, move on to the next victim’s ID info, and start over. Eventually they hit someone who is not paying close attention and then really cash in.

Responsible Agencies

The agencies responsible for prosecuting identity fraud crimes are:

Local police
Governor’s Office of Consumer Affairs
Federal Trade Commission
Department of the Treasury

There is much to be said here, but experience has shown that none of these agencies will be of much help to you at all in finding or prosecuting the thieves. There is very little, if any, coordination between law enforcement agencies when it comes to prosecuting ID fraud crimes. They are mainly information sources. Therefore, the best defenses against identity fraud are the prevention and early detection efforts made by you!

How Identities are Stolen

Personal identity information is stolen in the following ways:

1. Harvesting Database Information: Millions of identities can be stolen at one time when hackers or company insiders raid company databases that contain personal ID information or credit card information. This includes businesses, government agencies, commercial web sites, banks, and particularly insurance companies. Hackers usually target web site databases containing credit card numbers. Company insiders (administrative or information technology personnel) who have access to personal info databases, are approached and offered tens if not hundreds of thousands of dollars to harvest the information from company computers and sell it to those who specialize in distributing and using the information for fraudulent purposes.

2. Account Takeover: Thieves use stolen or fake IDs to take over existing bank or credit accounts. They escape detection for at least a month or so by forwarding statements to private mailboxes or new addresses. Most commonly occurs to those who lose their wallets or purses.

3. Pretexting: E-mail spammers and telemarketers use false pretense to convince people to reveal personal information including credit card numbers. This type of fraud is more commonly perpetrated on senior citizens who are unfortunately more trusting of strangers than they should.

4. Mail Theft: Individuals and organized crime rings steal mail from mailboxes looking for letters containing personal ID info, pre-approved credit card offers, and signed personal checks. Many simply return the filled-out credit card offers and receive a credit card through the mail! Check are “washed” and reused to pay for things the thief wants to buy, or the account numbers are harvested in hopes of doing a successful account take over.

5. Garbage/Dumpster Diving: Thieves dig through the trash looking for bills, credit card statements, medical statements (with SSANs on them!), or other papers that contain enough personal information to open a new account or discover an existing account.

6. Skimming: Thieves use handheld magnetic card readers to copy the account information off of credit and debit cards. The information can be written on a new card to create a counterfeit card. Waiters, store clerks, and gas station attendants have been involved in this activity. Some are paid by organized crime rings. ATM machines have also been rigged with false fronts that contain a card reader which steals and stores your account number and then displays a screen that says the ATM is out of money!

7. Old Hard Drive Harvesting: A recent study showed that 35% to 50% of the hard drives in discarded computers contained personal ID information sufficient to open new accounts.

ID Theft Do’s and Don’ts

Now that you know the most common ways that your identity might be stolen, read Bob’s Do’s & Don’ts list and learn how to do all that you can to prevent yours from being stolen: Click on:

ID Theft Dos & Donts

Source & Reference Material

Those who attended the luncheon all received copies of Bob's presentation and source materials. This valuable reference material is also available here on-line. Click the links below for each article in PDF format:

Credit Bureau Fraud Alert Procedure
(How to place fraud alerts on your credit reports.
This is your primary defense against ID theft, and a "must do"!)

Bob's Presentation above in PDF format

Consumer Reports ID Theft Article
(A "must read" comprehensive article. Large download.)

Equifax ID Theft Information

FTC ID Theft Information

Many thanks to Bob for taking the time to share this valuable, and timely, information with the Chapter.