Idaho Falls - Today! #1 Discussion Site

The Idaho Falls Water Cooler (The site formerly known as IdahoFallz.com)

Identity Theft: What’s behind it all?

If you're new here, you may want to subscribe to the newsletter or RSS feed. Thanks for visiting!

Identity theft is a huge problem in the US these days. It’s strange, but most Americans don’t really understand how identities are usually stolen and who, for the most part is behind it all. In this article I will shed some light on this topic, and hopefully some people will find this to be beneficial.

Not too many years ago, the theft of someone’s identity was a fairly rare thing. People may have a checkbook stolen, and someone would go out and write checks on their account. In more sever cases the actual personal information of a person might have been used to open a credit card account, or get a loan but those cases were relatively rare. With the birth of the Internet, things really changed.

Many people have heard of (or maybe even seen) some of the old scam letters that circulated years ago. A few exists still today. These letters use to arrive in the US Mail (now via email) and are known as ‘419 scams’ or ‘Advanced Fee Frauds.’ Generally people are selected right out of a telephone book, and letters are sent to those names and addresses. The letter might claim to be from an Attorney in a foreign country. The Attorney claims that he is handling the estate of now deceased Saudi Arabian King, and that they needed a trustworthy person in the US to care for the funds by allowing these funds to be deposited into their US bank account. The reader is promised a percentage of the proceeds if they will help. All they need to do is pay a small advance fee & taxes or administrative fees. Hard to believe, but people fell for this one all the time, and still do.

In the ‘old days’ credit card fraud would occur when someone had their wallet stolen and the bad guys would go on a shopping spree with the victim’s credit card. A few purchases would be made, and the card would be discarded.

Most of this ‘low tech’ criminal activity was handled in a very ‘local’ fashion by local police. Other police jurisdictions would become involved only if the suspects used the credit cards or identity in a different city or state. But still, police did not often work well with other jurisdictions because years ago the world was just a bigger place. Back then it was simple; some kid found the wallet that you dropped, and he used your credit card at the local shopping mall. End of story.

Today the problem is much more complex. As we all know, Al Gore, prior to beginning his crusade against ‘Global Warming’ by trying to get everyone (except himself) to use less energy, invented the Internet. And with Al’s new ‘invention’ came a whole new world of opportunity for fraudsters. It was now possible to not only commit crimes with the stolen identities from remote locations anywhere in the world, but it was now much faster and easier than ever to get the credit card information in the first place. And all with almost complete anonymity. Fraudsters quickly learned how to use computers to gather personal information from people all over the world, as well as ways in which that information could be used illegally, to make millions of dollars in profit. And all with little or no risk to themselves.

How you ask? Personal information is gathered in a variety of ways. A valid credit card number is worth a certain amount of money on the black market. An average would be about $25. For certain cards with the 3 digit check code the value might be $50 per card. So, anyone, anywhere can go into the business of collecting credit card numbers, and sell those numbers on the black market for cash. This could be done by someone working in a busy restaurant, convenience store or a computer hacker who does his work from home. I believe that most personal information and credit card numbers are stolen by computer hackers and spammers. I have seen many very realistic emails that appeared to be from eBay, Banks, PayPal and other companies. Bad guys will construct these emails to look very official. They will mail them out to large numbers of people. They know that a certain percentage of people will actually have eBay, Paypal or the applicable bank accounts, and a certain number of those will respond to the email. The email will direct the person to click on a link included in the email, to go directly to the businesses Internet site to ‘update account information.’ If a person falls for this, they end up on the suspect’s web site (which will look very official just like eBay, PayPal etc.) where they will type in their user name and password. That’s all it takes. The bad guys now have your user name and password.

There are many other ways that personal information is gathered. As an example, a crack addict in a large city could spend his day looking through dumpsters, collecting account information from discarded statements. If he could collect 10 credit card statements a day, he could make as much as $250 a day. Crooked employees at businesses can use small hand held scanners (available on the Internet) to scan the credit cards that are handed to them as part of normal sales transactions. These scanners are about the size of a pack of cigarettes. If the bad guy can hold your card, turn his back to you for a second or two, and run your card through that scanner, he has every piece of information associated with that card, including your address and the 3 digit check code on the back of the card.

Some computer hackers will use programs that go out on the Internet and scan hundreds of thousands of computers within hours. If you have wireless Internet, and keep your system open 24 hours a day, these scanning programs will eventually find you. They are programmed to locate unsecured systems, and hack their way in. They then will locate personal information from files on your computer, and send that information back to the hacker, all while you sleep soundly in your $3000 Sleep Number bed at 3:00 in the morning. You never even know your computer was violated. That is why a firewall and other security measures are so vital.

Many times the criminals involved in the large scale operations are part of very large, well organized criminal groups. Many of these are from outside the US in Nigeria or Russia. They operate structured organizations that are beyond what most people in the US can even imagine. They will have people assigned to specifically collect credit card numbers and personal information. They will have people assigned to use this stolen information gathered to place orders on the Internet with companies like Dell, Wal-Mart.com and others. They have people assigned to work Yahoo chat rooms, recruiting ‘package forwarders’ who will eventually receive the stolen shipments, repackage them and ship them on to locations outside the US. These people may be paid $25 per package, or they may be just doing a favor for the new ‘love of their life’ that they met in a Yahoo chat room a few months ago. The fraudsters take advantage of whatever need or weakness they can find. As they chat with you on Yahoo, if you are a lonely old man in Georgia, they are a lonely older woman just about your age. They’ll even send you the pictures. They will be whatever you want them to be.

The Fraudsters will also have people assigned to post job listings on large Internet job sites jobs for ‘Material Handlers’or ‘Package Forwarders.’ If you respond to one of these, it may look very legitimate and include actual job applications, employee hand books and claims of ‘benefits.’ It’s all a scam. They will ship you as much stolen product as they can, as quickly as they can. You ship it on to them in Ghana. Once you wise up or are shut down by police, they just start sending orders to the next fool in line.

It all operates like a machine. Credit card information is stolen. Stay at home, ‘lonely hearts’ type people in the US are recruited to ‘make a little extra cash.’ Fraudulent orders are placed on line. The property is shipped by US companies to residential addresses all over the US. The recruited package forwarders repackage the products, and ship them off to Nigeria or Russia, using shipping accounts that are supplied by the suspects, and are also stolen. Once police shut down a package forwarder in a given city, the bad guys just shift over to a new one, supplied immediately by their ‘recruiting department. The process doesn’t even slow down.

Prosecuting the package forwarders is hard to do. Most of them do not even know they are involved in criminal activity. The real bad guys are in another country, and in most cases cannot be touched by US Law Enforcement officials.

The organized crime groups are very sophisticated, and have a never ending supply of credit card numbers, new package forwarding recruits and US retailers eager for Internet sales. This problem is so wide spread that it truly is not a matter of IF a person in the US will be a victim, but WHEN.

Retailers have continually developed a variety of ways to combat this problem as best they can. But as new techniques are implemented, the fraudsters soon develop ways to circumvent those procedures. One interesting example of this as follows;

For years now, bad guys have been using stolen credit cards to purchase merchandise online, and have had that stolen merchandise shipped directly to their package forwarding recruits around the US. In the last year or so merchants have started to disallow shipments going to addresses other than the actual billing address on the credit card. In response to this, the bad guys are now beginning to place orders in which they have the stolen property shipped directly to the billing address! In other words, the stolen loot is now being shipped directly to the front porch of the identity theft victim (credit card holder.) Why would they do this you ask? The bad guys know that most homes in the US have dual incomes, and that no one is likely home during the day. They monitor the shipment using the tracking number provided by the retailer. They watch as the package travels to the home of the credit card holder, and they know exactly when it will be delivered. If the package is scheduled for delivery on say Thursday, the criminals call one of the local shipping companies and request an ‘at home pick up’ on that day. They would call UPS as an example, and say ‘I will leave the package on the front porch, please come pick it up after 3:00 PM. They pay for the pick up and shipment using another stolen credit card. FedEx will deliver the package at 2:00 p.m. and UPS pulls up and picks the package up at 3:30. It is then shipped on to the home of a package forwarder, where it will be repackaged and shipped on out of the US.

Sometimes people come home unexpectedly and find these packages on their porch. They wonder what is going on. When they learn that their credit card was illegally used to make the purchase, they stand there in amazement wondering why the suspects would order merchandise with their credit card, and then have the stolen loot shipped directly to their home. In most cases even the police can’t figure this one out.

Sadly, police in most locations around the country are not yet trained or otherwise well equipped to fight this new enemy: Internet crime. Most of the larger cities have solid, well trained computer crimes divisions, but your average small to medium town or county sheriff’s office has nothing of the sort. Many police agencies around the US still do not even use email. These smaller departments have just not kept up with the times. They have no idea about IP addresses, email headers and/or anything else that goes along with a criminal investigation related to Internet crime. The bad guys know this, and they intentionally use people in smaller, more remote locations when possible. Not only are people in areas such as this more trusting and easily recruited, but the local police are not as likely to even understand the problem.

Companies continue to implement new ways of combating this problem. I am not at liberty to disclose any of these measures, but suffice it to say that most US companies are doing everything they can to filter these fraudulent orders out, while trying to limit the disruption to the normal flow of business. It’s a never ending battle.

There are several things that you can do to help prevent being victimized by these fraudsters. Ensure that your home computer has the proper security measures in place. Use a firewall, and if you have questions about computer security, ask a professional.

Shred all documents before you discard them. Use a good quality shredder that will shred in multi directions, creating small pieces, not long strips.

NEVER click on a link in an email from a financial institution or retailer. If you have a need to respond to an email like that, go directly to the company’s web site yourself.

Verify a smaller business is legitimate before you buy online. Call the local Chamber of Commerce in that city.

Never open an email if you do not recognize who it is from or what is listed in the subject line.

Keep a credit card with a small credit limits for Internet purchases. I use one that has a $500 maximum credit limit. I use this card for Internet purchases, or if I travel and need to give the card to someone who could scan the card as described above. This will help limit the amount of damage that can be done if that card number is compromised.

If you should ever become the victim of Internet related crime or identity theft, here are some good links to consider using:

Identity theft information:

http://www.consumer.gov/idtheft/con_steps.htm

FBI identity theft and online crime reporting:

http://www.fbi.gov/contact/fo/fo.htm

For a few poor countries around the world it is the ‘Haves vs. the Have-Nots.’ They look at Americans as so rich, while they have so little. In Ghana, actual classes have been held in town squares on Saturday mornings, teaching residence how to set up a ‘business’ to do just what I have described above. It boosts their economy. In some places it IS their economy. They have mastered a great ability. They know us well. They take advantage of our greed, our laziness, our lack of preparation, our trustful attitudes, and/or our need for a little extra cash; whatever they can. And they laugh at the dumb Americans. They laugh all the way to the Bank of Nigeria.

If you enjoyed this post, please consider to leave a comment or subscribe to the feed and get future articles delivered to your feed reader.