Community
A Boston woman has been indicted for allegedly stealing at least 34 identities, which she was able to access from her workplace, a medical cost-management firm.
“This was an extensive scheme in which the defendant used her access to the victims’ personal identifying information as a means to steal their identities, obtain credit cards in their names without their knowledge, and then use those credit cards to make purchases for her own personal gain,” said the local District Attorney. “The defendant had access to a large database of health care professionals that contained their personal information.”
State police learned of the fraud when a physician discovered that a credit card had been set up in her name and sent to a P.O. Box in Lowell, Massachusetts. Further investigation by postal inspectors revealed that other cards had also been sent to this P.O. Box. If convicted, she could face up to 75 years in state prison for 15 counts of grand larceny, 100 years for 20 counts of credit card fraud, 55 years for 22 counts of identity theft, and 20 years in for being a “common and notorious thief.”
As much as 70% of all identity theft is committed by someone with inside access to organizations such as corporations, banks or government agencies, or simply someone who has an existing relationship with the victim. People with access to sensitive personal data are most likely to commit identity theft. For many, it’s just too easy not to.
An identity thief begins by acquiring a target’s personal identifying information: name, Social Security number, birth date and address, in that order. If the thief has regular access to a database, he can simply copy and paste the information into an online credit application, or hand write the information on a paper credit card application.
Many credit applications request current and previous addresses. So the thief fills out the victim’s current address as “previous” and plugs in a new address, usually a P.O. Box or the thief’s own address, where the new credit card will be sent. I’m amazed that a lender or credit card company can be careless enough to send a new credit card to a relatively anonymous P.O. Box. The lender just checks the victim’s credit and, since everything matches, no red flags pop up. The card is issued and the fun begins.
Once the thief receives the new card, he or she activates it from a throwaway cell phone. The next step is to either use the card to withdraw as much cash as possible from an ATM, or max it out with charges and then resell the stolen goods through classified ads or online auctions. If the thief is suffering from a drug addiction, it can be impossible to stop this cycle, because stealing identities goes hand in hand with addictive behavior. It’s like gambling. Thieves get a high or a rush when they feel they’re beating the system.
In the case of the Boston woman mentioned above, most people’s first response would be a determination that her employer should have done more to protect the data. There are numerous technologies that monitor, manage, control and restrict who has access to sensitive information. Today, these technologies are being deployed more often than ever before, due to various regulatory issues. However, regardless of what technologies are deployed, all you need to open a file cabinet is a key, if the cabinet is even locked in the first place. So how do you protect yourself when someone has full access to all your information?
1. Get a credit freeze. Go online now and search “credit freeze” or “security freeze” and go to consumersunion.org and follow the steps for the state you live in. This is an absolutely necessary tool to secure your credit. In most cases it prevents new accounts from being opened in your name. 2. Invest in Identity Protection. While not all forms of identity theft can be prevented, you can effectively manage your personal identifying information by knowing what’s buzzing out there in regards to YOU.
Robert Siciliano Identity Theft Speaker discussing identity theft
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Andrew Ducker Payments Consulting at Icon Solutions
19 December
Jamel Derdour CMO at Transact365 / Nucleus365
17 December
Alex Kreger Founder & CEO at UXDA
16 December
Dan Reid Founder & CTO at Xceptor
Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.
Please read our Privacy Policy.