Criminals have evolved from picking pockets to using more sophisticated methods of theft. Today, thieves can steal personal information and use another person's identity to commit numerous forms of fraud. Identity theft, the criminal act of assuming another person's name, address, social security number, and date of birth in order to commit fraud, affects approximately 350,000 to 500,000 victims annually.  Fraud is intentionally deceiving a person or business in order to obtain property or some lawful right.  Identity theft differs from other forms of less calculated fraud. For example, a juvenile using someone else's driver's license to purchase alcohol does not constitute identity theft. Although intentional deception exists, using someone else's license to make a purchase does not result in a loss to the victim company.
The Identity Theft and Assumption Deterrence Act of 1998 made identity theft a federal crime and recognized the true victim--the person who had their identity stolen. This act enables law enforcement agencies to investigate identity theft crimes and the associated fraud that often results.  In 1997, the Financial Crimes Division of the U.S. Secret Service investigated 9,455 cases of identity theft with losses totaling $745 million.  In the past decade, the U.S. Secret Service has observed an increase in financial institution, credit, and computer fraud facilitated by identity theft.  One of the three major credit bureaus reported 522,922 consumer inquiries in 1997, with two-thirds of this amount related to identity theft, up from 35,000 in 1992.  The amount of identifying information available over the Internet and from an individual's trash and mail as well as the increasingly sophisticated tactics used by criminals has facilitated the increase in identity theft. By examining how identity theft occurs and the steps to resolve it, preventive measures can curb this fast-growing crime.
HOW IDENTITY THEFT OCCURS
Identity theft can occur in many ways. Identity thieves scavenge through garbage, steal and redirect mail, use internal access of databases, and surf the Internet searching for personal information. To combat the growing number of identity theft cases, law enforcement officials should know how thieves gather another person's identifying information.
An individual or business that fails to dispose properly of personal identification information, by shredding or mutilating, could find themselves susceptible to a "dumpster diver"--an individual who retrieves discarded material looking for anything of value. Dumpster divers obtain account numbers, addresses, and dates of birth from financial, medical, and personal records--all of which they can use to assume an identity.
One dumpster diver drove around affluent neighborhoods on garbage collection day.  He picked up garbage bags left on the curb, took them home, and rummaged through them. The social security numbers and preapproved credit cards he obtained from the garbage, along with using rented mailboxes, cloaked him from his crimes.  Businesses that rent mailboxes for short periods of time make tracing a dumpster diver difficult. These companies do not require a lot of information about the renter, which aids the individual in remaining mobile and isolated from the crime. Law enforcement agencies should establish mutual agreements with these businesses to facilitate information gathering. Additionally, police may deter dumpster divers by patrolling residential areas more aggressively on garbage collection days and during the tax season, a prosperous time for dumpster divers. Many taxpayers dispose of old receipts and financial records carelessly. Through town hall meetings, local newsletters, or community bulletins, law enforcement departments can disseminate prevention information on identity theft. By encouraging people to shred documents and by enforcing local trespass ordinances with regard to residential and industrial dump sites, law enforcement agencies can prevent thousands of identity theft cases.
Mail theft presents another way criminals obtain personal identification information. Thieves check mailboxes looking for paid bills or credit card payments that people leave in their mailbox for the postal carrier to collect. Thieves use information from these items to obtain credit or to purchase products and services in the victim's name. Further, mail theft can occur from mail processing areas by postal employees.
Additionally, criminals might attempt to complete a change of address card in order to divert the victim's mail to a rented mailbox. Police agencies should instruct victims to notify their postal inspector immediately if they suspect that someone has forwarded their mail to another location. Law enforcement departments should urge people not to leave their paid bills in the mailbox for the carrier to collect and recommend that residents drop their paid bills and account payments at the post office or in a locked mailbox.
The Citrus Heights Police Department in Sacramento, California, conducted community meetings, which revealed that mail and identity theft had become significant problems for citizens.  By contacting mail couriers or the local postal inspector, officers can determine if mail theft presents a problem in their jurisdiction. Cooperation between law enforcement and postal officials will make mail theft more difficult.
Internal access refers to an individual obtaining personal information illegally from a computer connected to a credit reporting bureau or to an employee accessing a company's database that contains personal identification information. Such an insider will look for names similar to their own, or for someone with good credit, intending to assume their identity and commit credit fraud. Also, the employee may attempt to sell the personal information to another thief. This happened in Fayetteville, California, when a consumer learned that her credit report revealed five new accounts issued in her name. An identity thief had charged over $65,000 of unsecured debt using her identity. 
The negligence of a company that permits such access in an unmonitored environment contributes to this type of identity theft. One medical office employee illegally obtained a patient's name and social security number, established a credit line, rented an apartment, and earned income in the patient's name. 
To reduce the misuse of personal information, police departments with financial or crime prevention units should conduct 1- or 2-day workshops with businesses that have the threat of internal access fraud. Law enforcement representatives should work with business security managers to suggest possible restrictions and procedures to limit access to personal identification information.
Computerized Information and the Internet
Today's information age changes the way thieves commit crimes. With so much personal information obtainable in the networked world, thieves can access information easily. They find personal identifying information through computerized information services, also known as information brokers. These services collect, sort, package, and sell personal information in electronic form to other businesses and individuals. Computerized information services may not safeguard the personal information adequately nor screen purchasers of computerized information appropriately, creating the opportunity for an identity thief to commit fraud. Private companies and individuals in some states can purchase driver's license information and photos, traditionally restricted to law enforcement authorities. South Carolina and Florida officials sold millions of digital photos of driver's licenses to private companies, which raised serious questions about personal privacy. Who has access to the information? How will individuals and co mpanies safeguard the data? After a surge of citizen complaints and questions, state officials in Florida and South Carolina halted the sale of digital photographs. 
According to one organization, the Internet also provides opportunities for identity theft.  Compromised public and private networks endure millions of dollars in losses, annually.  In the case of one company, a security breach allowed anyone to view thousands of private customer information files that revealed names, addresses, and other personal information, without restriction.  Company officials corrected the problem quickly, but many consumers began to question the guarantees of information confidentiality and realized the vulnerability of information on the Internet.
HOW TO RESOLVE IDENTITY THEFT
Victims may need months or years to restore their credit and reputation. Law enforcement agencies should advise citizens to report identity theft immediately. Departments should gather as much documented evidence from the victim as possible. After completing the initial report, agencies should provide a copy to the victim, along with the phone number of the fraud investigator assigned to the case. Credit card companies, banks, and insurance companies often require the police report to verify the crime.
After notifying the police, victims should take the necessary steps to mitigate and resolve the damage caused by identity theft. Departments can provide these steps through a booklet or private consultation with an investigator, using separate procedures for different types of identity theft. Although other forms of identity theft exist (e.g., theft of cellular phones, driver's licenses, passports, and checks), credit theft remains the most common.
Law enforcement agencies should instruct victims to contact their current credit card and loan companies about the theft. Victims should cancel old cards and order new cards with different account numbers. The victim should inform all check-monitoring agencies of the theft and alert the fraud departments of the three major credit bureaus in order to place a hold on accounts.
Additionally, victims should complete and submit a credit fraud report with a victim statement to the credit bureaus. The victim statement should explain briefly that an individual has used their identity fraudulently to apply for credit and provide a contact number to verify credit applications, as well. Victims should request the credit bureaus to provide free monthly credit reports to monitor for evidence of new fraudulent activity. Departments should recommend that victims keep a log of all conversations with police officers and financial institution officials. Agencies should advise victims that no one can remove information from their credit report and warn them about credit repair scams that promise to restore tarnished credit reports. Officers may need to refer traumatized victims of identity theft to support groups, which can assist and support identity theft victims as well as help in the recovery process. 
HOW TO PREVENT IDENTITY THEFT
Law enforcement agencies, as well as businesses and consumers, have an equal obligation to fulfill when preventing identity theft. Agencies can disseminate information to minimize the risk of identity theft through their Internet sites, local media, or community policing initiatives, such as Neighborhood Watch meetings and community liaisons. Departments should recommend that individuals check their credit report annually to ensure accuracy and report any discrepancies to credit bureaus for corrective action.
Additionally, agencies should advise individuals to reduce the amount of personal information that exists in the public domain and encourage people to remove their names and addresses from telemarketing lists. They should disclose personal information only when necessary. Other tips include shredding financial documents and preapproved credit card applications, which minimizes the threat of dumpster divers obtaining valuable personal information. Law enforcement officers should advise consumers who purchase products over the Internet to use a secure site, which encrypts their personal information, to place their order.
Identity theft has escalated dramatically. Local and state law enforcement agencies handle thousands of identity theft cases. Recognizing this increase, state legislatures have begun adopting statutes that make stealing a person's identity a crime, giving law enforcement the necessary tools to battle this fast-growing offense.
Some consumer advocates have estimated that identity thieves victimize as many as 1,000 people per day. Some criminals use conventional methods, such as dumpster diving and mail theft, while others use newer technology, such as insider computer access and the Internet, to obtain a fraudulent identity. The various ways that criminals use personal information will change as technological developments continue. Police can assist in the recovery and prevention of identity theft by providing corrective steps and helpful tips that allow citizens to avoid the traumatic consequences that result.
Mr. Lease served as a military police officer and is currently a graduate student-researcher at Radford University in Radford, Virginia.
Mr. Burke, a former police officer, is an associate pro lessor with the department of criminal justice at Radford University in Radford, Virginia.
(1.) L. Wolf, "Theft of Identity, Credit Abuses Stir Anguish," The San Diego Union Tribune, February 10, 1999, B1.
(2.) M. Pena, Practical Criminal Investigation, [3.sup.d] Ed. (Placerville, California: Copperhouse Publishing Company, 1993).
(3.) 18 U.S.C. 1028.
(4.) T. Lowry, "Information Brokers Put on Brakes, New Limits to Cut Identity Theft," USA Today, January 18, 1999, 3B.
(7.) J. Hoffman, The Art and Science of Dumpster Diving, (Port Townsend, Washington: Loompanics Unlimited, 1993).
(8.) T. Dacolias, "Identity Theft," available from http://www.congames.com /identity.html, hind, accessed on March 5, 1999. This site is no longer accessible.
(9.) D. Richie, "Police Eye Residents Concerns, Drug Dealing Seen As City's Top Trouble," The Sacramento Bee, January 31, 1999, Nl.
(10.) B. Horne, "Identity Theft Disrupts Fayetteville Woman's Life," Fayetteville Observer-Times, September 21, 1998.
(11.) State of California, Department of Consumer Affairs, "Credit Identity Theft: Tips to Avoid and Resolve Problems," Legal Guide P-3, January, 1998, 1.
(12.) R. O'Harrow and L. Leyden, "Firm Got Almost $1.5 Million in Federal Aid to Build Driver's License Database," The Dallas Morning News, February 18, 1999, 6A.
(13.) The Computer Security Institute, established in 1974, is an organization of computer security professionals dedicated to serving and training information, computer, and network professionals. It offers classes in encryption and intrusion management.
(14.) Newswire, "eBay Selects Equifax Secure to Verify Identity of Buyers, Sellers Over the Internet," January 15, 1999.
(15.) T. Hamilton, "Privacy Czar Raps Absence of Online Protection, Commissioner Says Electronic Commerce Will Stagnate until Regulations Establish Trust on the Internet," The Globe and Mail, March 4, 1999, TI.
(16.) California Public Interest Research Group, "Victims of Identity Theft Action and Support Group," available from http://www.igc.apc.org/pirg/calpirg/consumer/privacy/toi/voit.htm; accessed on January 5, 2000.
(17.) Supra note 4.
Recommendations and Strategies for Preventing Identity Theft
* Patrol residential areas on trash collection days and during the tax season.
* Enforce trespass laws with regard to residential and industrial dump sites.
* Advise citizens to shred documents and drop off mail in a locked mailbox.
* Remind people to be cautious using automated teller machines.
* Disseminate information to the public on how to mitigate and prevent computer, credit, and cellular telephone fraud.
* Suggest restrictions to businesses to reduce internal access fraud.
* Educate officers about the various methods used to commit identity theft and the resulting types of fraud.
|Printer friendly Cite/link Email Feedback|
|Title Annotation:||nature of the crime and how to prevent it|
|Author:||BURKE, TOD W.|
|Publication:||The FBI Law Enforcement Bulletin|
|Article Type:||Statistical Data Included|
|Date:||Aug 1, 2000|
|Previous Article:||Rethinking Investigative Priorities.|
|Next Article:||Lowest Number of U.S. Police Deaths in 35 Years.|