http://seattlepi.nwsource.com/local/251779_lcenter13.html By DEBORAH BACH SEATTLE POST-INTELLIGENCER REPORTER December 13, 2005 Applying for a job at an electronics store two years ago, Zach Friesen was stunned to learn that the store manager was turning him down because of his terrible credit record. "I looked at him and said, 'I've never had credit in my life. What are you talking about?'" the 19-year-old recalled. Someone had rung up about $40,000 worth of bills related to a houseboat purchase under Friesen's name -- when he was 7 years old. The fraud went undetected for a decade, and only when he applied for the job did Friesen discover that he was a prime target for identity thieves, who are increasingly focusing on young people. Friesen cleared up the situation and got the job. Since August, the University of Colorado sophomore has been traveling to high schools in various states, educating teens about identity theft through an initiative undertaken by Qwest Communications. Also participating in that effort is Judith Collins, a professor of criminal justice at Michigan State University who recently spoke to students at Franklin High School in Seattle. "How many of you know what it means to be credit-worthy?" Collins asked, standing at the front of the room. No hands were raised. "Anyone familiar with credit reporting agencies?" Again, no hands. That lack of knowledge, Collins told the class, is exactly what makes 18- to 29-year-olds the quickest-growing group of identity theft victims. Teens typically don't have credit reports, having never applied for a loan or a credit card, which leaves their Social Security numbers lying dormant for years. "Perpetrators know this," Collins said. "That's why you're so vulnerable." Collins knows all too well what she's talking about. She was an expert on white-collar crime when someone obtained her Social Security number in 1999 and used it to open 33 credit card accounts, ordering masses of merchandise to a post office box in California. Though a federal law passed in 1998 made identity theft a criminal offense, Collins said she got little help from police and conducted her own investigation. She uncovered about 25 other victims living within a 45-mile radius of her home who all went to the same medical clinic, leading Collins to suspect that someone broke into the clinic's patient database. The experience was "so traumatic" that Collins turned her attention to identity theft, helping start Michigan State's Identity Theft Crime and Research Laboratory. She has worked with hundreds of young people since that time and has many harrowing stories -- of teens whose bank accounts have been cleaned out, who have been denied employment and student loans or ended up with criminal records resulting from crimes committed using their identity. Collins recounted the experience of a young woman at Michigan State who was studying in the library one day and went to the bathroom, leaving her backpack with her purse inside sitting by her table. When she returned her purse was gone, taken by a woman who police believe was casing the campus, looking for someone who resembled her. Spotting the young Latino woman, with long, dark hair like her own, she'd found her match. The thief used the student's driver's license to cash a bad check -- unbeknownst to the victim until police showed up at her home on Christmas Day and arrested her in front of her extended family. Teens' belief in their invincibility, Collins said, puts them at additional risk. According to the National Cybersecurity Alliance, 40 percent of Americans under 25 believe that they are more likely to be hit by lightning, audited by the IRS or win the lottery than be the victim of a computer security problem. In reality, computer security breaches -- viruses, hacking and scams -- affect about 70 percent of computer users. Federal Trade Commission statistics for 2003 show that of the approximately 10 million cases of identity theft that year, the largest percentage -- 28 percent -- was among 18- to 29-year-olds. Washington ranked 10th in the nation in identity theft per capita, with credit card fraud the most common form. >From money laundering to drug trafficking, Collins said, identity theft is used in almost every crime committed today, costing the U.S. economy an estimated $50 billion annually. Terrorists rely on assumed identities to conceal their activities and whereabouts, she said, mentioning that al-Qaida training manuals contain tips on stealing identities. "It's the crime of the 21st century," she said. Thieves access personal information through myriad means, from lifting records from the workplace to stealing mail containing bank statements, credit card offers and tax information. They rummage through trash, use "change of address" forms to divert mail to another location, steal purses and wallets, and obtain credit reports by posing as a landlord or an employer. More sophisticated crooks hack into databases or scam victims through "phishing" -- sending e-mail or pop-up messages that claim to be from a legitimate business or organization asking the recipient to update, validate or confirm his or her account information and often warning of dire consequences for failing to act. The messages direct victims to Web sites that look just like the real thing -- for example, PayPal or eBay. Finding a mother's maiden name, a commonly suggested password on many Internet sites, is pay dirt. From there, Collins said, thieves can obtain original birth certificates, get Social Security cards and even apply for passports. "They engage in complete identity takeover," she said. Once they collect enough personal information, thieves might call credit card issuers to change the billing address on an account, then run up charges on it. They might open credit cards under the assumed name, creating delinquent accounts that become part of the victim's credit report. They might apply for phone or wireless service under stolen names, open bank accounts and write bad checks on them, buy cars, get jobs, file fraudulent tax returns or file for bankruptcy. They may give the victim's name to police during an arrest and when they ignore a court date, an arrest warrant is issued for the victim. Though identity theft can go undetected for years, Collins said, sudden pitches from credit card issuers or banks to teens should serve as a red flag. Potential victims can find out if a credit report has been issued in their name by asking any of the three major nationwide consumer reporting companies -- Experian, Equifax and TransUnion -- for a copy of their credit reports. The Fair Credit Reporting Act requires reporting agencies to provide any consumer with one free credit report annually upon request. With teens making up about 20 percent of its customer base, Qwest last year hosted a summit in Denver on protecting young people from Internet theft. The company launched a public awareness campaign, developing an educational video with the Denver District Attorney's Office and hiring Collins to develop a curriculum. Melodi Gates, Qwest's director of information security, said that as more young people became company customers, Qwest looked at what sort of educational outreach programs were available to them about identity theft and found very little. "We saw an opportunity to bring a message to people who might not have heard as much (about it) and are increasingly a set of victims," she said. Friesen, the college sophomore, spends about a week each month traveling around talking to young people in the hope that he can help them avoid the situation he found himself in two years ago. He realizes he escaped relatively unscathed, but the experience is nonetheless disquieting. "I haven't seen any more problems so far, but that's not to say I won't," he said. "I know my number's out there. But thanks to getting involved with Qwest and their campaign, they've done a great job in helping me understand more ways to keep myself safe." PROTECTING YOUR IDENTITY * Never carry your Social Security card or birth certificate with you. Keep them in a safe place at home. * Don't loan your cell phone, driver's license, checkbook or credit card to anyone. * Don't leave your purse, wallet or backpack unattended. * Don't use your mother's maiden name for a password. Choose strong passwords and change them often. * Don't respond to e-mails asking for personal information, even if they appear to be from legitimate Web sites. If you are concerned about your account, call the organization or open a new Internet browser and type in the company's correct Web address yourself. Do not cut and paste the link from the message into your browser -- phishers can make links look as if they go to one place, but instead send you to a different site. * Never e-mail personal or financial information. * Use anti-virus software and a firewall, and keep them up to date. IDENTITY THEFT WARNING SIGNS * Applying for a driver's license and discovering that one has already been issued in your name. * Telemarketers calling and asking to speak to you. * Receiving preapproved credit card offers, bank statements or collection statements in the mail. * Being denied applications for student loans, an apartment or a credit card. For more information about how to obtain a credit card and what to do if you're a victim of identity theft, go to www.incredibleinternet.com © 1998-2005 Seattle Post-Intelligencer _________________________________________ Earn your Master's degree in Information Security ONLINE www.msia.norwich.edu/csi Study IA management practices and the latest infosec issues. Norwich University is an NSA Center of Excellence.
This archive was generated by hypermail 2.1.3 : Wed Dec 14 2005 - 19:01:09 PST