Although identity theft has gotten a wealth of attention over the last few years, the problem is far from gone. In actuality, the threat is growing, to the point where anyone who shops, surfs, or works online needs to be more vigilant than ever.
The ease of online transactions is attractive to individuals and companies alike. Who hasn't appreciated being able to pay a bill at 3 a.m., regardless of whether they've actually done it or not? Unfortunately, this quick and easy access to online records has its downside in identity theft. Often, the crime is only discovered when a bank account is suddenly empty or numerous credit card accounts are opened and maxed out. Last year, 10 million Americans were victims of identity theft, an increase of 41 percent over the previous year.
"It's the fastest-growing crime," says James Van Dyke, founder and principal analyst of San Francisco-based Javelin Strategy and Research. "I think consumers still have no idea how widespread it is."
Sneak thieves
As technology becomes more prevalent and sophisticated, so do hackers and other miscreants who see tech as an entryway for fraud. One of the newest threats is called phishing--basically, a bad guy creates a Web site that looks as if it's part of a legitimate financial institution, like Citibank. Often, the site is a pop-up window that piggybacks on the real site. Then, he sends out thousands of spam messages telling consumers that they have to re-register with Citibank due to a security upgrade, or another seemingly mundane reason.
Because the link inside the e-mail is a trusted one, like www.citibank.com, the person clicks through, sees the legitimate site and the pop-up window, and assumes they're related. After some entry of personal info like a Social Security number and a credit card number, Mr. Responsible Consumer becomes one of the thousands who've gotten scammed by the technique.
Dave Jevans, chairman of the Anti-Phishing Working Group, says that the problem is increasingly serious. Worse, these aren't just kids who know their way around a broadband connection.
"It's pretty clear that organized crime is involved," Jevans says. "Because of where it's coming from, like eastern Russia, and the fact that the FBI is really involved in watching this, makes it evident that this international cybercrime at its peak."
The FBI is concerned that phishers are using the ill-gotten money to fund terrorism. There'd be plenty to use--phishers can make 10 times more money with the fake Web site method than they would by hacking into company servers or spying on e-mail.
The identity thieves of yesteryear are still around as well. Usually termed dumpster divers, these are people who dig through trash outside of a house or company, hoping for records that show Social Security numbers or bank information. Since they're technologically savvy, these divers have also learned that old computer equipment can still hold information, even if it seems like everything's been erased.
New weapons
The news that identity theft is growing so quickly might be enough to make someone want to pack up and head for an unwired cabin in the hills, but there's good news to go with the bad. First, there's been recognition of the problem by legislators as well as by financial institutions. Such an overwhelming amount of fraud has the potential to cripple banks and credit card companies--and to frighten congressmen as well.
The Anti-Phishing Working Group is just one of many organizations that have made the issue into a crusade. Sites like Identity Theft 911 and Identity Theft Resource Center have numerous resources for individuals who are trying to prevent theft, or need information on what to do if they've become a victim.
Perhaps the most important step toward limiting identity theft is coming from financial institutions like Citibank, US Bank, and Wells Fargo. This makes a great deal of sense, given how much these companies have to lose. Citibank in particular has tried to attack the problem with television ads, notices on its Web site, and policies that protect cardholders if they become victims of the crime.
With legislation, organization, and better protection from banks and credit card companies, there's a possibility that identity theft can finally be minimized. But that will only happen if consumers become educated, and work to protect themselves, says John Movina, spokesperson for the Coalition Against Unsolicited Email.
"At the end of the day, user education is the only thing that works long-term," Movina notes. "You can create technical blocks and try to enact legislation that will limit the damage, but to prevent it from happening in the first place, you have to have an educated consumer who doesn't fall for the tricks and scams in the first place."
