Survey Indicates ID Theft May Be Diminishing

netbuzz passed us a link discussing a survey conducted by major credit firms. Keeping in mind the source (CheckFree, Visa, and WellsFargo), the results indicate identity theft may be on the downswing as consumers wise up to scammers. The number of respondents that reported a fraudulent account created with a stolen identity dropped by a full half percentage point between 2005 and 2006. Overall fraud apparently dropped by some 12% over last year, representing $6.4 billion in fraud reduction. Again, consider the source: identity fraud is still apparently costing some $49.3 billion annually.

OB..

[StikyPad]

A talking moose wants my credit card number? Wait a minute.. I'm not falling for that again!

Re:

[Dr Caleb]

Vee only accept call from Moose AND Squirrel, Comrade.

Re:

[HMC CS Major]

I gave my credit card number to a talking moose, but there's no way I'm getting laughed at reporting it to the police again.

Maybe the Black Market is just saturated...

[Radon360]

Perhaps the people phishing for card numbers, SSN#'s have amassed so many at this point that they can still sell large blocks of them to unwitting thieves, even though a small number of them have already been flagged as potentially stolen by the financial institutions.

Then again, maybe the theives can purchase these blocks of numbers from the phishers using their credit card number to try and purchase them...

Re:

[Anonymous Coward]

This only looks at one specific type of fraud - applying for credit cards in someone else's name. There are many other scams out there, such as plain old carding. Also really popular lately is to steal bank account login/pw via phishing or keyloggers. Did they count that? What about ATM skimmers? I don't think there has been an overall decline, criminals are just using different methods.

Identify!

[AndroidCat]

Was the survey really sure that they were talking to CheckFree, Visa, and WellsFargo?

Re:

[organgtool]

Was the survey really sure that they were talking to CheckFree, Visa, and WellsFargo?

Who cares? The only thing that matters is that the survey managed to speak in the first place!

Consider the source?

[Ace905]

It's interesting that they're reporting this ; but you can't take flat-out numbers with a grain of salt. They're either correct or complete lies ; and I think we all know they have to be complete lies.

These companies don't report half the cases of identity theft to end-consumers, banks and definitely not the police because they don't want to alarm anybody -- especially when the case is unsolvable. I've had my bank card 'suspended' 3 times in the past two years because someone has stolen my pin and copied the card at a gas station or variety store and the bank tells me only, "The card was copied along with a number of other cards. Your account hasn't been effected, just come into the bank for a new card and choose a new pin".

My account hasn't been affected because the bank noticed it and silently footed the bill ; only even bothering to tell me because I couldn't use the card. I imagine a credit card that has no PIN on it - you would never notice ; and how much easier would it be to copy a credit card. You don't need to read the pin over someone's shoulder.

If theft is down or up you'll never know the truth. If it's down by half, why wouldn't they say it's down by 3/4's. Even a reduction, if it occurred would likely be embellished.

Speaking of embellished [douginadress.com].

Re:

[truthsearch]

These companies don't report half the cases of identity theft to end-consumers, banks and definitely not the police because they don't want to alarm anybody

No one will ever know the exact number of fraudulent transactions, you are correct. But that's because the perfect crime goes unnoticed. The two big credit card companies, plus most big banks, have departments dedicated to fraud. The credit card companies analyze fraud across the industry and help banks reduce it. They all attempt to find unreported

Re:

[Mephistophocles]

They're either correct or complete lies ; and I think we all know they have to be complete lies.

I agree, and given the source, I think it's safe to say that this report is simply irrelevant. It has the same intellectual honesty as a car salesman who screeches about having the biggest sale in recorded history, and should be given about the same attention.

Re:

[susano_otter]

It's interesting that they're reporting this ; but you can't take flat-out numbers with a grain of salt. They're either correct or complete lies ; and I think we all know they have to be complete lies.

Have to be? You've ruled out all other possibilities?

These companies don't report half the cases of identity theft to end-consumers, banks and definitely not the police

Half the cases? Do you have evidence to support this claim?

because they don't want to alarm anybody -- especially when the case is unsolva

Re:

[Ace905]

I remember having a similar conversation with the woman interviewing me for the University program I applied to ; unfortunately I had to answer her questions because I was trying to get in to the program but I felt like saying:

"I could waste all sorts of time using easily manipulated statistics to prove my theory, but in the end common sense speaks for itself"

To you I'm just going to say my entire point is that there is no evidence. cut it up and apply bad philosophy 101 logic to it all you want, pseudo-int

Re:

[susano_otter]

I don't think anybody would mistake my post for a researched, pompous essay.

Just so long as nobody mistakes your post for an accurate or informed assessment either, I don't see a problem.

But seriously, I was wondering if you really did have anything more than sophomoric, cart-before-the-horse, suspicion-equals-proof reasoning to bring to the table.

I'm guessing... no, not really.

Re:

[Ace905]

I took a look at your profile, you seem to enjoy playing "academic proof reader", arguing semantics over actual points and holding everybody up to the same level, wholly ridiculous playing field. You haven't actually disproved any of my points, so who really cares what your opinion is? I can claim I'm correct because you're lacking evidence to the contrary - or we can all see you for what you are.

If you can't say something nice, don't troll anything at all.

get lost.

Re:

[susano_otter]

You're the one making accusations of fraud, you're the one who has to provide evidence to support those accusations. I don't have to disprove anything. I'm just asking for your proof of your claims.

So far, you haven't given any. Instead, you've objected--and rudely, I might add--to the very fact that I'm questioning you about the proof for your claims.

These aren't nice claims claims you're making, either. And where in my original reply to you did I say anything mean or rude? Are you sure you really meant

Re:

[Ace905]

I don't have to provide anything ; go back to sophomore.

i'm not objecting to a 'very fact', i'm objecting to you.

you're not grading an essay ; so go don't-contribute-anything somewhere else.

Re:

[susano_otter]

You're accusing people of fraud. Without evidence, this is just your opinion. Without evidence, there's no reason for anybody else to share your opinion.

You want me to agree with you, right? That these numbers really are lies, and all that, right?

So why are you so strongly opposed to explaining the evidence on which your opinion is based? Why all the name-calling?

Is it really so hard for you to come up with any proof at all to back up your claims?

Do you really go around accusing people of major crimes wit

Re:

[Ace905]

Seriously, you're not even looking for evidence. You're a troll, trolling a little flame war thinly veiled as academic proof reading.

Obviously I don't care what you agree with, I would prefer it if you never agree with me.

I can back up all of my claims, I think the point I've made repeatedly is that I'm not going to - because it is my opinion, everybody except you knows it's my opinion, and everybody except you has agreed or disagreed without starting up some cheesy high-school debate team rules playing fi

Re:

[susano_otter]

So you believe major credit reporting companies are committing fraud on a grand scale, but you don't want anybody to believe you.

You say you can back up your accusations, but instead you insult anybody who asks you to.

So why did you even bother commenting on this story in the first place?

And why, if you were just presenting an opinion, did you present it as a fact?

This doesn't have to be a childish debate.

All you need to do is say, "good point, here's the facts that convinced me that these companies are lyi

Survey

[99BottlesOfBeerInMyF]

We sent a survey out by e-mail asking people for their name, phone number, credit card number, SSN, mother's maiden name, and asking if they had their identity stolen in the last year. 99% of those who responded with all the info, said they hadn't, while 80% of all responses said, "I'm not falling for that again." From this we conclude only 1% of people on average have been victims of identity theft.

...or that could be their methodology. It is hard to say since they do not seem to have published it, effectively making this study useless marketing. That makes sense given who paid for it.

1/2 percent????

[Anonymous Coward]

Thats funny because in the 2006 identity theft rose 100% percent for me.

Re:

[MarkGriz]

Slashdot stole my identity too, but then I remembered how to log in.

Phishing by snail mail

[andy1307]

Last week I receveied a letter in the e-mail telling me I had won a lottery and asking me for my bank information. Unlike the Nigerian scams, this was sent from Spain by snail mail. I've seen Nigerian scam e-mails before but this is the first phishing snail-mail I've received

Has anyone else experienced this?

Re:

[frosty_tsm]

Phishing existed long before internet and e-mail were the norm.

When I was young, I remember a snail-mailed phishing letter that my parents received (early 90s I think).

Re:

[Monkier]

yes - i remember my mum getting a hand written "business opportunity" letter from Africa in the 1980s.

Re:

[pluther]

Oh, yeah, it used to be much more common.
They just switched to e-mail because it's easier, cheaper, and harder to catch them at it. (There used to be actual investigations when someone engaged in inter-state fraud through the Post Office).

There are still companies that will send you misleading but not actually fraudulent snail mail along the lines of "You've been selected as the winner of this Brand New digital camera! Absolutely free, just sent $49.95 shipping and handling..."

Why have a survey at all?

[Robbyboy]

Looking at this article, I was wondering about the need for such a survey. Wouldn't the agencies involved be taking an active part in working with identity theft? Last time I checked, when you find out your identity has been stolen, you notify the Credit Card Companies and credit agencies. What I am wondering is how many people have been victims and do not yet know about it. With initiatives such as FACT ACT and consumer awareness, Id be interested to know how often people are checking to see if they have b

Dropped by a 'full half percent' ?

[ScentCone]

I guess that's better than a plain old regular half a percent.

Re:

[jaxom_01]

0.45% to 0.49% is a little half percent. 0.5% is a full half percent and 0.51% to 0.54% are big half percents. Its like my father told me (civil engineer) "The glass is not half empty nor half full...the glass was made too big." -Aaron

I doubt it...

[__aaclcg7560]

Someone stole my Slashdot ID to post bad messages and ruined my karma! :P

source??

[hackstraw]

Keeping in mind the source (CheckFree, Visa, and WellsFargo)

I recently got a "check" from my credit card for $20. By depositing that check they would automatically enroll me in an identity theft insurance protection plan.

For my convenience, they would bill my credit card (plus interest I assume).

Basically, this is legal fraud.

First, my CC is unsecured credit. If I don't pay, its no big deal aside from them screwing my credit or whatever they do.

My point, is that don't these people want the illusion that ID theft is on the rise so that they can sell this insurance to people?

Stuff like this makes me question humanity.

Time for New Tricks

[Dark Kenshin]

All this tells me is that all the old scrams that have been working so well in the past, have been passed around enough that they are fading out. It has been easy for scammer to operate, due to the fact they didn't really need to come up with new ideas, just copy and paste the old ones. If the old scams are starting to not work, I bet you will find a reworded one right around the corner soon. Scamming has been around for years, and probably always will. All it takes is for a new scam to not sound like the o

It still needs fixin

[tribentwrks]

I'm dealing with identity theft right now, but somebody elses. A Guy with a SS# 1 digit off from mine got his ID stolen, but it's showing up on my credit report. Should be easy to clean up, right? Nope. Have do the same exact steps -- wasted hours on phone calls, faxes, and police reports to prove that bad credit under a different name, address, AND social security number is really not my bad credit.

If you're wise, you will take advantage of the free credit reports, and get yours checked at least once a year.

hell, they got everybody's info by now

[swschrad]

why shouldn't it be winding down, anybody whose social security number or bank card ID is not compromised, please post it.... ;)

How they get the figures

[Skapare]

I called up my credit card company a couple months ago to report some fraudulent transactions on my statement. They informed me that since identity theft is declining, they don't believe me, and so they were rejecting my claim that I was a victim of identity theft.

... well, maybe that could be the source of their figured?

A different perspective

[causality]

I have a different perspective on scams and phishing (which often lead to ID theft).

In a way, the perpetrators of these ripoffs are actually doing humanity a favor. They are making stupidity more painful.

About the only case during which ID theft can happen that you cannot easily attribute (at least partially) to a fault of the victim is when customer information is stolen from a legitimate business and then abused to steal identities. Practically all of the rest of it relies on the naive nature and/or the greed of the victim, and both of these should be recognized as weaknesses, the exploitation of which is an eventuality. Put another way, anyone who sincerely believes that online requests for account numbers, their social security number, etc. should be responded to without first verifying their legitimacy is a fool, is begging for something like this to happen, and should see any theft that does happen as an educational experience in why you don't trust random, unverified strangers with your most confidential personal information.

If someone walked up to you in the street and said "Hi, I'm a manager at your bank, we need your account number and all of your personal information," you'd likely tell them (however politely or however rudely) to fuck off. At the very least, you'd ask to see some credentials before you'd actually give out any personal information. Why is it that when the same thing occurs via e-mail, so many people people shut down their common sense and critical thinking skills (whatever degree of those that may be left) and happily say "oh wow, I sure am glad they contacted me for my full name, address, date of birth, social security number, mother's maiden name, and account numbers before they locked my account!"? Would you really feel sorry for someone who did this? Or would you decide that the scammer in this case is providing one of the few remaining incentives to not be so careless and stupid with things that are important?

A simple observation can be made: all scams rely on either the stupidity (the willingness to give confidential information to anonymous people) or the greed (the expectation of receiving large sums of money for very little or no work), or both, of the victim. It would be impossible or nearly impossible to arrest and prosecute every last phisher and con artist in the world who wants to rip people off; indeed, even attempting to do so would require a police state. While it is still a good idea to go after the scammers, since it increases the risk of earning a living by ripping people off, this alone is never going to solve the problem. I propose that the problem could be solved not by going after relatively anonymous scammers who pop up all over the globe, but by hardening the targets. This is never going to happen so long as we coddle the less-bright (as evidenced by behavior) among us by telling them that they're innocent, helpless little people who fell victim to the big mean old scammers, but it could happen if we remind them that the event did not happen in isolation, that they exhibited contributory negligence, that in most cases no one gets your confidential information unless you personally give it to them, and that their lack of discernment helps to fund organized crime.

Just an idea, and it's something that I have never seen implemented on any sort of large scale, but what I do know is that what we are doing right now is not very effective. In any case, Aesop definitely had it right: a fool and his money are soon parted. You can't realistically remove the money from that equation, and you can't remove the desire to steal from every person on the planet, but you can certainly remove the fool from that equation.

Re:

[Mycroft_514]

>About the only case during which ID theft can happen that you cannot easily attribute (at least partially) to a fault of the victim is when customer information is stolen from a legitimate business and then abused to steal identities.

Which is exactly what happened to me 2 weeks ago. And the legitamate business? My OWN employer! To get the corporate discount on services, you have to enter your credit card to generate an acocunt number. Well, on the last transaction, phony transactions started. And t

Re:

[JimBobJoe]

In a way, the perpetrators of these ripoffs are actually doing humanity a favor. They are making stupidity more painful.

Stupidity, by its very nature, is already painful. There are however better and cheaper ways of teaching these lessons (cheaper for both the person learning, and for society as a whole.)

I also think there is a massive amount of institutional stupidity, the consequences for which are not being borne by the institutions responsible. I think whoever came up with the idea of tying credit burea

Re:

[causality]

Stupidity, by its very nature, is already painful.

Considering how widespread stupidity has become, it is obviously not painful enough to provide a disincentive.

I also think there is a massive amount of institutional stupidity, the consequences for which are not being borne by the institutions responsible.

The idea that any institution takes on a life of its own, independent from the people of which it is composed, is an illusion that I wish we could put to rest. If institutions are stupid, it's bec

Re:

[StikyPad]

all scams rely on either the stupidity...or the greed...or both, of the victim.

I guess that either depends on your definition of scam, stupidity, or both. Someone may be stupid for clicking on a link sent to them by what is, or appears to be, a trusted source, which happens to redirect to what appears to be an Error/Re-login page for their e-mail. Once that password has been compromised -- the weakest link in most cases -- the attacker can begin to take advantage of "Forgot your password" features on othe

Re:

[causality]

I guess that either depends on your definition of scam, stupidity, or both. Someone may be stupid for clicking on a link sent to them by what is, or appears to be, a trusted source, which happens to redirect to what appears to be an Error/Re-login page for their e-mail. Once that password has been compromised -- the weakest link in most cases -- the attacker can begin to take advantage of "Forgot your password" features on other sites.

Actually in most computers/networks that are even nominally secure, th

Re:

[kripkenstein]

In a way, the perpetrators of these ripoffs are actually doing humanity a favor. They are making stupidity more painful.

Looking at it another way, these ripoffs make immorality more enjoyable (i.e. for the perpetrators).

Doesn't sound good to me.

Education is the key

[Mad-cat]

Quick note: I am a law enforcement officer and have a background in network management.

One of the issues I face in investigating identity-theft related crimes is the lack of knowledge the general consumer has. That seems to be changing.

About a year ago, the typical victim of identity theft would ask questions like "How can they be using my credit card if I have it right here?" or "I'll bet it was the waiter at that restaurant last week who looked at me funny. He can charge any price he wants on their system, right?"

Now, my typical victim of identity theft is much more aware, and usually has the credit reporting agencies and banks notified of the problem within hours instead of days or weeks. They know in advance what to do, and don't have to be told how to help themselves.

I have to hand it to the average citizen. They are catching on about internet safety. Not completely and not quickly, but it's a major improvement.

No kidding...?

[djupedal]

You mean those few thousands of corporate email accounts I just waded into this morning, allowing me to send mail from anyone's account, indicate a downturn...?

What's a guy gotta do to get some dust in the air nowadays, anyhow...sheesh!

craigslist ads attract phishers

[roman_mir]

I advertised a room on craigslist and some of the messages that I got were obviously sent to me by phishers trying to get my bank account information. It was quite easy to distinguish these attempts from legitimate inquiries. The 'people' in these messages were more interested in creating an image of themselves than trying to get a viewing. The language in the message would be more appropriate for a personal ad rather than the topic at hand (renting out a room.) Some 'people' even send fake photos of th

Brilliant!

[SaberTaylor]

Identity theft illustrates the difference between accidental systems and designed systems.

Provide a design proposal for a national system that provides authentication for every social networking site, every ssh, every sftp, every login domain, every banking website, every email account.

The system design principles:
1.) All users will have a single universal password for all of these authentications.
2.) The user may not change their password unless something unusual has happened.

I have to think...

[WeeBit]

That maybe the credit industry just doesn't want that type of publicity. So they tighten things up before they became a victim spilling the beans to the public, news, and in snail mail to their ill customers.

Subject

[Legion303]

Some of it may be diminishing due to people who "wise up" to scammers, but those of us who already knew better still get screwed by third parties who lose SSN information. Like my old school, Metropolitan State College of Denver. Or the people who manage my student loan payments, Nelnet. Basically, fuck those guys right in the ear.

Half a percent?

[KevinColyer]

Since when did a reduction in half a percent become statistically significant?

Identity stolen - by Credit Card employee

[AnalogDiehard]

A year ago I got a call from AmEX about suspicious purchases totaling over $2000. Not only did I tell them that the charges were fraudulent, but I had yet to use my card - with a new CC # - since the new one was mailed to me. An AmEX employee had stolen the CC number.