Article: Portrait of an identity thief

I found a thread on Slashdot.org this week: “Portrait of an identity thief” talking about a profile The New York Times did recently on a young man in his early twenties, who scammed hundreds out of thousands of dollars.

NYTimes.com (07/04/2006): Identity Thief Finds Easy Money Hard to Resist

Excerpts…

Identity theft can, of course, have its origins in a pilfered wallet or an emptied mailbox. But for computer-savvy thieves like Mr. Sharma, the Internet has forged new conduits for the crime, both as a means of stealing identity and account information and as the place to use it.

Apparently, he became quite adept at being able to con novice Internet users out of their personally identifiable information. With the money, he acquired better tools to conduct more elaborate online cons.

Among the items seized from his parents’ basement were a computer, two digital cameras, a scanner, nearly 500 blank plastic identity cards with magnetic strips, two Marine Corps ID’s — with Mr. Sharma’s name and photo — and a newer model Eltron photo ID printer. A search of his computer revealed personal identifying information on hundreds of people from across the country.

Take away lessons…

• Use common sense.
• Don’t believe every thing you read online. Be suspicious of any email that asks you for your information, credit card, or to login to your account. Especially watch for misspellings, a common sign of a con. If the email seems legitimate, call the customer service number of the company you deal with to verify.
• Be mindful of social engineering traps. Con artists might call you over the phone for a simple request. Before you realize, you may have given away a piece of private information.
• Look carefully at the Web page url. A common trick is to substitute other characters or numbers in a url. At brief glance, you may not realize the deception. For example, www.aol.com might have a zero substituted for the “O”, or a capital “I” for the lowercase “L”.
• Never, never, never send private details by email, even to close friends or relatives. Although extremely convenient, Emails sent over the Internet are often insecure packets of information that can be viewed or intercepted by people with the right tools. It is better to call the other person and verbally pass confidential information, passwords, etc.
• Watch your home mail box. Put a lock on it if possible, or be vigilant to pick up the mail as soon after the letter carrier has delivered. If you can afford it, a P.O. Box is safer.
• Shred papers and statements before you throw them out. Tear the name and address labels off your magazines, too, before you discard them.
• Watch the gas station attendant or restaurant server when they take your credit card. Some carry special hand held card readers to pull the data off the magnetic strip of your card. Then they sell all that data to some thief with the equipment to manufacture replacement cards with your data on them.

Links…

• NYTimes: Graphic of an identity theft scheme
• Chaos365: Protect your personal information

I hope you find this useful. Please post your opinion.
-Roland

Roland Reinhart is an interactive marketing professional who is concerned about how personally identifiable information is handled. His observations can be found at Chaos365.com and AdMadMan.com.

©2006 Roland Reinhart. All Rights Reserved.