It was not uncommon for Janice Jackson to receive her neighbor’s mail. When her mail carrier was ill, his replacement, who was still learning the route, often put mail delivered to Jackson’s Staten Island, New York, address in her neighbor’s mailbox. Normally, Janice Jackson and her neighbor, Mona Jackson, would return each other’s mail — until Mona Jackson mistakenly received a pre-approved credit card intended for Janice Jackson and used it to withdraw cash from automatic teller machines. “I received a bill for a credit card I did not have,” says Janice Jackson. “I remember accepting the offer for the card several months prior to receiving the bill, but then I forgot all about it.”
Janice Jackson called the credit card company, which began an investigation. “They found out that the first set of bills were going to Mona Jackson’s apartment. It was frightening how easily someone could use a credit card that was in my name,” Janice Jackson says. The company didn’t investigate further, stating that the $600 cash withdrawal was not large enough for them to prosecute.
Up to 700,000 people were the victims of identity theft last year, according to the Identity Theft Resource Center. Identity thieves steal credit cards, write bad checks, buy cars, establish phone or wireless service in your name, and commit other fraudulent acts that damage your credit record and invade your privacy. They pose as loan officers, law enforcement agents, social workers, potential employers, and figures of authority in order to obtain sensitive financial information from their victims.
Another concern for potential victims is the threat posed by predators who dig through garbage cans for credit card receipts or bank statements. But those methods have been replaced. Today, technologically savvy Internet thieves obtain personal information by accessing passwords, exploiting security vulnerabilities, observing transactions on the Web, and by directly attacking servers. Online fraud losses for 2001 were 19 times greater than those resulting from brick-and-mortar sales. More than $700 million in online sales were lost to fraud in 2001, representing 1.14% of total annual online sales totaling $61.8 billion, according to GartnerG2, a research and analysis firm (see “Protect Yourself,” Techwatch, this issue).
In an effort to make cardholders feel more comfortable shopping online, most credit card issuers have eliminated all liability for Internet card fraud and have developed better security measures. Visa’s Verified by Visa and MasterCard’s Universal Cardholder Authentication Field (UCAF) are credit card protection systems with easy to use password-based applications. Visa also monitors participating e-merchants and Internet service providers for adequate firewalls and other data-protection devices.
The Address Verification System (AVS) has proven to be the most effective deterrent. AVS, a free service offered to vendors by the United States Postal Service, compares the billing address supplied online with the billing address on file at the bank issuing the credit card.
In response to the growing crime
epidemic, many states have passed laws related to identity theft. Two federal laws, The Identity and Assumption Deterrence Act, enacted by Congress in October 1998, and the Internet False Identification Prevention Act, enacted in 2000, have also been put into effect. Contact your state attorney general’s office to find out whether your state has laws related to identity theft or visit www.consumer.gov.Once you become a victim, it can take months — or even years — to restore your financial standing. Some experts say you can never fully prevent identity theft, no matter how cautious you are. But here’s what you can do to minimize the risks:
- Shred all important documents, including pre-approved offers of credit, credit card receipts, cancelled checks, and other financial records. Thieves can use improperly discarded documents to apply for credit in your name. To completely opt out of receiving credit offers, call 888-5-OPTOUT.
- Pay attention to billing cycles. Follow up with creditors if bills do not arrive on time.
- Find out how personal information will be used before releasing it. With so many requests for personal information, always find out if it will be shared with others. In the case of an employer, find out how your information will be protected.
- Don’t give out sensitive financial information. When you’re on a cellular or cordless phone, especially if it’s an older model, keep financial information private.
- Guard your Social Security number. Many institutions rely on Social Security numbers as passwords. Remove anything with your Social Security number from your wallet or purse. Give out your Social Security number only when absolutely necessary; when possible, ask to use other types of identification. Call 800-772-1213 to check your Social Security statement or the Social Security Administration’s Fraud Hotline, at 800-269-0271, to report a Social Security number that has been stolen or misused.
- Get a credit report from one of the three credit bureaus once a year to check for accuracy. A credit check for an unfamiliar loan or lease could be a sign a thief is casing your credit history. If you detect anything suspicious, contact the credit bureau’s fraud department and ask them to put a fraud alert on your record. This will make it more difficult for someone to open accounts in your name. Unless you’re a victim of identity theft or have been denied credit within 60 days, you may have to pay for this report. To order a credit report, contact Equifax (www.equifax.com, 800-685-1111); Experian (www.experian .com, 888-397-3742); or TransUnion (www.tuc.com 800-888-4213).
- Keep items with personal information in a safe place. Limit the forms of identity you carry in your wallet. If your ID card, credit cards, or debit cards are stolen, notify your financial institutions immediately and call the credit bureaus to request that a fraud alert be placed in your file.
- Make certain you are dealing with a legitimate company when shopping online. Research the company with the Better Business Bureau or other consumer protection agency. Check to see if there is a working telephone number and e-mail address for the merchant’s customer service department.
- Find out if you are using a secure browser. When you’re ready to make a purchase and are asked for personal information, look at the Web address at the top of your screen. If the information is “encrypted” in a secure manner, the URL address will start with :https://.
- Look for information about the merchant’s privacy and security policies. Every Website should clearly disclose how the merchant will protect your financial information and whether it will share your personal information with other companies.
- Consider using a service that masks your account number. American Express offers Private Payments, a service that generates a unique, random number that is used in place of an account number. It expires after each transaction, so it cannot be reused if stolen. Private Payments, however, is not designed for certain types of transactions, such as advance travel arrangements and recurring payments. Consumers can also purchase software from Anonymizer.com (www.anonymizer.com) or Zero Knowledge Systems (www.zeroknowledge.com), which promises to conceal your online persona or create online pseudonyms when you exchange e-mail or participate in chat rooms.
- Consider purchasing identity theft insurance. Some insurance companies, such as Chubb and Hartford, offer identity theft insurance as a rider on a homeowner’s policy.