Fraud

Of all the worries that parents of young children face, few would rank the prospect of their 7-year-old opening up six credit cards and running up $35,000 in debt as one of the most pressing. But increasingly, parents and young adults are struggling with a very similar reality these days — only the children themselves aren't to blame, identity thieves are.

Last week, two stories of childhood identity theft hit the headlines...

• In Florida, a woman was accused of opening up a Capital One credit card under her daughter's name, and then using the card until the girl's father began to notice collection notices being sent to their home.
• In California, a man was discovered to be using the identity of a 4-year old who died in 1984. He was caught after using the deceased child's name to buy a home, a car, and to obtain several credit cards.

A Growing Problem

According to the Federal Trade Commission, there were more than 34,000 incidents of childhood identity theft reported between 2005 and 2007. The figure makes up about 5 percent of all identity thefts.

Chiefly to blame is a credit check system that at no time makes an effort to verify the age of individuals. With nothing but a Social Security number, thieves are often able to gain a credit history by finding creditors who don't require a photo ID or birth certificate. The first age that goes into a system like Trans Union, Experian, or Equifax, becomes permanently associated with the applicant's name and Social Security number.

Here's how John Moira, the father of the girl who had her identity stolen by her mother, describes it:

"My heart dropped, I couldn't believe it," said John Moisa, who became suspicious when he received correspondence from the credit card company addressed to his daughter. "At first I didn't think about it until my mom said she was getting collection calls at her house."

Moisa called the credit card company, which wouldn't initially talk to him until he faxed proof of his daughter's age. Moisa said he's spent the past several months trying to repair the girl's credit.

"It was unpaid, past-due bills, so it didn't look good," Moisa said.

Parents Are the Best Protectors (and Most Likely Culprits)

Some experts estimate that around half of childhood identity theft is committed by parents and relatives with access to a full range of information and documentation associated with a child. Other reports point to teachers, administrators, coaches, babysitters, and others with easy access to documents and records. (Some teachers have even been known to have pupils write their social security numbers on all homework and tests, exposing students anyone who bothers sifting through the school's wastepaper baskets.)

With a down economy, parents and family members might be more likely to turn to identity theft as a way getting their hands on additional credit.

"The majority of cases involve parents who may be going through a tricky time, going through a divorce and looking for additional credit," said Purl, Chief Operating Officer for Grand ISS, a St. Petersburg-based investigative security firm.

Purl said with more people out of work, identity theft cases involving young children are likely to increase.

"I think we're going to see more crime in general, as money is more tight for people. We've seen that with credit card fraud and white-collar crime. It's an easy way to make money," Purl said.

How Can We Protect Our Kids?

It's becoming increasingly important for parents to help their kids get savvy about giving away personal information on the internet, or over the telephone. Beyond that, responsibility falls on parents to be vigilant about who they send copies of birth certificates to, and to notice things like debt consolidation notices coming in the mail addressed to their children.

For more on how to prevent childhood identity theft and what to do if you think your child has been targeted, check out this fact sheet from the Identity Theft Resource Center - www.idtheftcenter.org.

Mark Cuban & Tommy Hilfiger are the latest victims of identity theft.

The UPI is reporting that a 23 year-old New York man - Gregory Mortel - was able to have credit cards issued to him using the names of famous people, including Dallas Mavericks owner Mark Cuban, clothing mogul Tommy Hilfiger, and George Hornig, the chief operating officer of investment bank Credit Suisse First Boston.

I'm wondering why a thief like Mortel chose to steal the identity of rich & famous people. Certainly their wealth would enable a sizable credit line via American Express, but wouldn't he worry that the faces of Cuban and Hilfiger would be instantly recognizable when he tried to use the credit card?

Evidently not...

Mr. Mortel was brazen enough to boast that he would never be punished. Here's what he had to say:

The source said investigators had Hornig call Mortel's cell phone and the suspect said during the call, which was recorded by police, that "nobody will ever be able to trace him to any wrongdoing."

Ooops!

Why Wasn't He Caught Earlier?

We obviously have a problem with our credit system when virtually anyone is able to gather and use someone's financial information to open new credit accounts and use them openly - especially when the victims involved are famous and have very recognizable faces.

Did anyone ask him about his name? Tommy Hilfiger is not a common name. Surely someone at the Equinox gym - where he was picked up by the police while getting a spa treatment (paid for via an American Express issued to Tommy Hilfiger) - should have asked him about having a name identical to a very public figure. Did they even look at the name?

UPDATED: Kate Weinberg, the manager of the Equinox gym, has set the record straight regarding the credit card used by Mr. Mortel. Evidently it was issued by Amex to Gregory Mortel but used the same number as Tommy Hilfiger's card. We apologize to the staff of the Equinox gym for our error in assuming they had not checked the signature on the card. See all of Ms. Weinberg's text in the comments below.

It reminds me of a hilarious experiment by John Hargrave on Zug.com where he signed his credit card receipts in all kinds of ridiculous ways, just to see if anyone would notice.

Here's a sillier example - signing as Shamu on a visit to New England Aquarium:

Hargrave describes his experience like this:

Now, someone should have caught this. First of all, everyone knows that Shamu works at Sea World. Second, how could Shamu accurately render a scale drawing of himself? That kind of penmanship would be unlikely from a creature using only its vestigial fins.

No one noticed. No one cared. No one said a thing.

That's why scammers like Gregory Mortel have no fear when it comes to ruining people's lives. It's up to us to protect ourselves. No one else is going to do it.

Selling puppies via Craigslist - or any classified ad - can be hazardous to your bank account.

Janet from New York sent us this story about a response to an ad she placed in an online classifieds web site. Here's how it went down:

You have received a reply to your pet ad.

Hello,

I am Dan and am writing you because am much interested in your puppy for sale on the classified ads. Kindly email me the details with the actual price and the health condition of the pup. Hope the pup is still in a good state. Looking forwarding to hearing from you soon. Have a nice day.

Mr Dan

Not a bad start. His english isn't great, but that's okay. Here's Janet's reply:

Hi Dan,

I have two puppies left. The boy and the black and white girl. They are very healthy and quite active. They are $475 each. They will have their first 5way shot and have been dewormed. You can visit them if you like. They are available to leave the nest anywhere from the 19th to the 22nd. On the 22nd they will be 8weeks old.

Let me know. Don't worry about their health. I am taking good care of them. They will also come with papers.

Thanks,

Janet

A reasonable response and the price seems right (okay, I don't know anything about puppies, but I'm guessing these are pretty nice for $475 each). Here's where things turn south...

Hello

Thanks for your email. I'm okay with price of the female puppy for $475. I will be making the payment via Certified Check drawn from a United State of America bank. I will making a dual payment which will cover the payment of the puppy and little part of the shipping of the puppy to its final destination.

Furthermore, as soon as you receive payment, you need cash to deduct the money for the puppy and wire the rest to the shipper who will be available for pickup at your end. In addition, you need to deduct $90
for more proper vaccination, Purina puppy chow and vet check before the pickup. Get back to me with the below information in order to get the payment mailed:

Name to be on the check:
Address to be mailed to ( No P.O Box Please)
Phone Number(s) I can possible reach on ( Morning/Day/Evening)

I just had to let you know how lucky the pup is going to be because the pup is coming to a good home with a spacious fence yard and tender care of family of two kids and Pet Lover.. I will be happy to send you pictures of the puppy development. The shipper will be taking good of him by giving a good hospitality and making a sound delivery to me.

Moreso, I will be glad if you can scan a copy of the AKC registration document and other paperworks for me, i.e if available. Get back to me as soon as the possible so I can effect the payment.Thanks and I look forward to reading from you.

Regards,

~Pups are my World~

Janet could sense that something was very wrong here. What were the warning signs?

• Payment via check. - in an online transaction, a check should be considered worthless. Scammers are experts in creating forged checks. Your bank will initially accept the check, but will later discover that it's a forgery and will remove the funds from your account.
• Extra payment - this is a huge warning sign. Any time a buyer wants to send you more money than you're asking for, alarm bells should go off. They're hoping you will deposit the "extra money" in your bank account and then wire your money to an accomplice. Not only will you not get paid for your merchandise, you'll actually end up paying them money. Getting scammed twice instead of once is not fun.
• Payment via wire - thieves love being paid via wire because it's almost impossible to track and recover the money. Never pay by wire.
• The use of emotion - the scammers play on the sellers feelings by talking about how they'll care for the puppy, take pictures of the puppy, put the puppy in a nice, big, safe, fenced yard, etc. Emotion is a powerful tool in distracting you as they steal your money.

This story had a happy ending. Janet sensed that something was wrong and didn't send the scammers anything. We're sharing the story here with the hope of educating other people placed in the same situation.

NOTE:This is our first in an on-going series of stories direct from visitors of Fight Identity Theft. If you'd like to submit your story, go to our contact page and select "I'd like to share my story."

According to investigative reporters for WirtschaftsWoche, 21 million Germans have had their personal information stolen along with their bank account and bank code numbers. The thieves are offering to sell the data for 12 million euros (about 15.3 million dollars). It is believed the scammers gathered the data by using employees at financial institution call centers.

Could this happen in the U.S.?

It certainly could. Privacy laws throughout Europe are generally tighter than U.S. laws and Germany is among the tightest. Low employee morale, caused by a deteriorating job market and chaos within the financial sector makes crimes like this more likely. I'm sure it's tempting for employees to grab whatever data they can as they're shown the door or maybe they're just looking to add to a mediocre salary. Whatever the reason, it may be time to buckle up and prepare for a bumpy ride.

What could criminals do with this data? Make bank withdrawals.

Criminals can use the bank account info to make withdrawals - either big or small. A .57 cent bank withdrawal from 21 million accounts still ads up to... ummm... let me get my calculator out... $11.97 million dollars. And that's this month, and next month, and the next month, etc. until they're caught or they decide to make a big withdrawal and run.

Here's their strategy, detailed in an IT World article:

Although banking passwords were apparently not included on the CD, criminals would be able to use this data to withdraw funds from a victim's account, said Thierry Zoller, an independent security consultant based in Luxembourg.

Scammers could use this type of information to initiate a large number of debits from German banks, making each withdrawal small in hopes that it would not be noticed by the victim, he said.

This is why carefully checking your bank records is important. If you see a unexplained entry - even if it's small - you should track it down until you understand where it came from. Otherwise you might unexpectedly see a much bigger withdrawal from the same source somewhere down the line.

More about this story at the WirtschaftsWoche in English and German.

You can also find coverage at The Register, and IT World.