Entries Tagged "identity theft"

Page 5 of 13

E-Mail After the Rapture

It’s easy to laugh at the You’ve Been Left Behind site, which purports to send automatic e-mails to your friends after the Rapture:

The unsaved will be ‘left behind’ on earth to go through the “tribulation period” after the “Rapture”…. We have made it possible for you to send them a letter of love and a plea to receive Christ one last time. You will also be able to give them some help in living out their remaining time. In the encrypted portion of your account you can give them access to your banking, brokerage, hidden valuables, and powers of attorneys’ (you won’t be needing them any more, and the gift will drive home the message of love). There won’t be any bodies, so probate court will take 7 years to clear your assets to your next of Kin. 7 years of course is all the time that will be left. So, basically the Government of the AntiChrist gets your stuff, unless you make it available in another way.

But what if the creator of this site isn’t as scrupulous as he implies he is? What if he uses all of that account information, passwords, safe combinations, and whatever before any rapture? And even if he is an honest true believer, this seems like a mighty juicy target for any would-be identity thief.

And—if you’re curious—this is how the triggering mechanism works:

We have set up a system to send documents by the email, to the addresses you provide, 6 days after the “Rapture” of the Church. This occurs when 3 of our 5 team members scattered around the U.S fail to log in over a 3 day period. Another 3 days are given to fail safe any false triggering of the system.

The site claims that the data can be encrypted, but it looks like the encryption key is stored on the server with the data.

EDITED TO ADD (6/14): Here’s a similar site, run by atheists so they can guarantee that they’ll be left behind to deliver all the messages.

Posted on June 2, 2008 at 1:09 PMView Comments

Identity Theft from the Dead

List of deaths, intended to prevent identity theft, is used for identity theft:

Ironically, the government produces the monthly Death Index so that banks and other lenders can prevent people from applying for credit using a dead person’s information—the index is made public by the Department of Commerce under the Freedom of Information Act. The caper Kirkland’s accused of mastering apparently exploits a loophole, by taking over accounts that are already open.

Posted on April 25, 2008 at 6:01 AMView Comments

Credentica

Cryptographer Stefan Brands has a new company, Credentica, that allows people to disclose personal information while maintaining privacy and minimizing the threat of identity theft.

I know Stefan; he’s good. The cryptography behind this system is almost certainly impeccable. I like systems like this, and I want them to succeed. I just don’t see a viable business model.

I’d like to be proven wrong.

Posted on February 15, 2008 at 5:02 AMView Comments

Identity Theft Study

Interesting study: “Identity Fraud Trends and Patterns: Building a Data-Based Foundation for Proactive Enforcement,” October 2007. It’s long, but at least read the executive summary. Or, even shorter, this Associated Press story:

Researchers reviewed 517 cases closed by the Secret Service between 2000 and 2006. Two-thirds of the cases were concentrated in the Northeast and South and there were 933 defendants. The Federal Trade Commission has said about 3 million Americans have their identities stolen annually.

The study found that 42.5 percent of offenders were between the ages of 25 and 34. Another 18 percent were between the ages of 18 and 24. Two-thirds of the identity thieves were male.

Nearly a quarter of the offenders were born outside the United States.

Eighty percent of the cases involved an offender working solo or with a single partner, the report found.

While identity thieves used a wide combination of methods, fewer than 20 percent of the crimes involved the Internet. The most frequently used non-technological method was the rerouting of mail through change of address cards. Other prevalent non-technological methods were mail theft and dumpster diving.

Of the 933 offenders, 609 said they initiated their crime by stealing fragments of personal identifying information, as opposed to stealing entire documents, such as bank cards or driver’s licenses.

Most of the offenses were committed by non-employees who victimized strangers. Employee insiders were the offenders in just one-third of the 517 cases. When an employee did commit identity theft, the offenders were employed in a retail business in two out of every five instances, the report said. Stores, gas stations, car dealerships, casinos, restaurants, hotels, doctors and hospitals were all considered retail operations in the study.

In about a fifth of the cases, the employee worked in the financial services industry.

Posted on November 7, 2007 at 7:36 AMView Comments

Synthetic Identity Theft

Synthetic identity theft is poised to become a bigger problem than regular identity theft:

Unlike traditional identity thieves, who purloin people’s information to get loans or make purchases, fraudsters like Mr. Rose mix legitimate and phony data to create synthetic identities. This kind of fraud doesn’t usually directly affect consumers. The big losers are banks, which get stuck with loan defaults and unpaid credit-card bills that identity thieves leave behind.

Actually, real people do get harmed:

The men paired fake names with Social Security numbers of real people. Adam Gregory, the purported Las Vegas resident, had the Social Security number of a real California resident.

The conspirators needed addresses for their synthetic identities and for a dozen or so shell companies that helped to facilitate the scam. Eventually they rented 200-odd apartments in 14 states. They kept binders of data in their Phoenix headquarters to keep the details straight.

The duo acquired business licenses, usually online, for the dummy businesses. A few had real offices with furniture; others rented “virtual” office space. After Messrs. Rose and Newton triggered the credit bureaus to set up no-hit files for their synthetic identities, their shell companies fed false data to credit bureaus.

More here.

Posted on November 5, 2007 at 6:14 AMView Comments

1 3 4 5 6 7 13

Sidebar photo of Bruce Schneier by Joe MacInnis.