1. No category

Stolen Childhood

Stolen Childhood
How to protect your child’s
identity from thieves
Imagine an 18-year-old preparing to go to college: She applies
for a driver’s license and a student loan—and gets rejected for
both. Or maybe she’s applying for her first job, but doesn’t
get hired because her background check turns up past
criminal activity. Someone else has been using her
Social Security number, leaving behind a criminal
record and poor credit.
Children are easy targets for identity crime because
they have no debt history and no reason to check their
credit. Thieves can run up debts in a child’s name for years without
detection, wreaking untold financial and emotional havoc on victims.
Children become saddled with someone else’s debt, liens and bad
credit, and are often unable to secure financing for their education and,
down the line, even mortgages or car loans.
“If the perpetrators know what they’re doing, it’s easy to use a child’s
information,” said Adam Levin, chairman and cofounder of Identity Theft
911. “There’s no record out there; it’s a clean slate.” Continued on page 3 u
Get Wise About
Smartphones
Sophisticated consumers who
use smartphones to handle
sensitive tasks, such as
banking and downloading work
documents, face a growing
problem: mobile security threats.
Androids, BlackBerrys and
iPhones are increasingly vulnerable to hackers who create malicious software that
disables mobile devices or steals personal information and money from the user.
The biggest threat, however, is consumer carelessness—people lose or misplace
their phones all the time. When a lost or stolen smartphone falls into the wrong
hands, thieves gain instant access to the owner’s contacts, bank accounts, social
networking sites and even private corporate computer networks.
“That’s the real risk—losing your phone,” said Eduard Goodman, chief privacy officer
for Identity Theft 911. A smartphone is “this treasure trove that people are carrying
around with them—a mini-filing cabinet.” Continued on page 4 u
Devices are vulnerable
to data exposure
Identity Theft 911® Newsletter • August 2010
Page L
et’s say an identity thief has two choices for targets: The first is an insurance industry senior
executive, who keeps a summer home in Florida and flies to Antigua every year. The second is
an 8-year-old boy who has never opened a credit card or a checking account. Who do you
think would be the easier to exploit? And what do you think a criminal might gain from choosing one
over the other? In this month’s issue, we explore these questions as well as security issues surrounding smartphones.
Identity Theft 911 Chief Privacy Officer Eduard Goodman refers to the devices as portable “treasure
troves” of information of great value to hackers. Meanwhile, our fraud resolution center this month
highlights cases of incorrect billing. Although getting bills and calls addressed to someone else isn’t
fraud per se, it can evolve into identity theft if not monitored properly. As more debt collectors
continue to pursue the wrong individuals for debt payment, we offer tips for warding off such “wrong
numbers.”
Our Hits & Misses include an assessment of what’s going on in identity theft-related news, including
the plight of one man who was wrongly branded a sex offender in the state of Washington. Our Ask
the Expert feature offers analysis on the debate over Net neutrality, which will affect the way people
get information online.
Here’s to a safe summer and a fraud-free fall.
Adam Levin
Chairman of the Board,
Identity Theft 911
Features
5 The Fraud Files: Getting someone else’s
mail? Learn how to stop it before it evolves
into something more troublesome.
6 Case Study: Kimberly Reed gets help after
she learns her 2-year-old is a victim of child
identity theft.
Identity Theft 911® Newsletter • August 2010
Departments
7 Hits & Misses: A roundup of who’s getting it right
and wrong in the fight against identity theft.
8 Ask the Expert: Identity Theft 911 Chief Privacy
Officer Eduard Goodman explains the Net
neutrality debate and why it will shape how people
get their information online.
Page Stolen Childhood from page 1 u
The Identity Theft Resource Center
(ITRC), a nonprofit organization in San
Diego, lists these common uses of a
child’s information:
•
•
•
To establish new lines of credit.
Credit issuers and the Social Security
Administration do not share birth
date information, so credit reporting
organizations cannot verify an
applicant’s age.
To get a driver’s license or to avoid
consequences of a criminal act.
To create a new identity to make a
fresh start or evade arrest.
How it happens
Each year, 500,000 people under the
age of 18 become victims of identity
theft, according to the Federal Trade
Commission. Criminals acquire children’s
Social Security numbers by copying them
from medical records, intercepting mail,
and searching computer hard drives.
Sometimes they don’t even have to
go that far. “The most common way
numbers fall into the wrong hands is
when a parent loses a wallet or purse
containing the Social Security cards or
birth certificates of their children,” Levin
said. “It doesn’t dawn on parents that
this could lead to a problem, so they
don’t pull a credit report for the child.”
In many cases, the perpetrator is a parent
or relative who has bad credit, a poor
driving record or an ax to grind after
going through a bitter divorce or custody
battle. Experts say that these child
identity theft cases are often unreported.
Victims are reluctant to turn in a relative,
no matter how brazen the crime.
Children with stolen identities typically
discover the crime when they reach their
20s. In general, young adults are slower
to detect identity theft and suffer higher
monetary losses. It takes roughly four
months for 18- to 24-year-olds to notice
the fraud, compared with one month for
55- to 64-year-olds, according to the
2010 Identity Fraud Survey Report from
Javelin Strategy & Research. The average
theft costs the younger group $1,156,
compared with $234 for all identity theft
victims.
Identity Theft 911® Newsletter • August 2010
Many families also discover child identity
fraud around tax season. Parents will use
their child’s Social Security number to
claim them as a dependent, only to find
out it has already been used.
“It can be a shock if you’re filing your
taxes online” and a warning pops up
on the computer screen, said Brett
Montgomery, a team leader at Identity
Theft 911’s fraud resolution center.
It used to take up to three years to
resolve this kind of tax fraud and receive
a tax refund from the Internal Revenue
Service, he added. Now Identity Theft 911
works with the IRS’s taxpayer advocacy
division to close cases within a year.
credit applicants are using a minor’s
information.
The database would be run with
coordination from the Social Security
Administration, state motor vehicle
departments, and the three credit
reporting agencies, said Jay Foley,
executive director of the ITRC. The
database would be of no value to
marketers because it wouldn’t contain
addresses, he said.
The center presented the idea to U.S.
Sen. Dianne Feinstein (D-Calif.) earlier
this year, and expects an answer in 2011.
Some privacy advocates, however, might
view such a union between federal,
1.
Don’t give out your child’s Social Security number online or on the phone unless you
already trust the recipient.
2.
Never carry your child’s Social Security card or number in a purse or wallet. Leave it at
home in a secure place or in a safety deposit box.
.
Teach your child that people asking for personal information such as a SSN and mother’s
maiden name could be trying to defraud them.
4.
Thieves love recycling—cross-shred documents holding personal identifying information.
5.
Watch out for warning signs, such as credit cards arriving in the child’s name or calls from
creditors regarding current and past-due debts.
6.
Check your child’s credit report if you suspect identity theft. For children above the age of
13, go to annualcreditreport.com, the government-mandated source for free credit reports.
For children under 13, parents and guardians must request credit reports by mail. (For more
information, go to www.annualcreditreport.com.)
7.
The absence of an existing credit report usually means that no one is misusing your child’s
information, which is good. If one exists, be sure to check for problems.
How to fight it
state and private organizations as itself
vulnerable to exploitation. Experts recommend fighting child
identity theft on two fronts: Consumers
can change their behavior to protect their
children’s identities (see tips box, above),
and government and private business can
do more to coordinate their efforts.
Foley feels the benefits outweigh the
risks. “Lots of kids will be spared, and
the whole system would be designed to
shut down a minor’s information if it’s
misused,” he said.
The ITRC has proposed one way for
government agencies and organizations
to work together. It suggests a “1710
Database” that would hold the name,
Social Security number and birth
month/year of every child up to the age
of 17 years and 10 months. Creditors
could check the database to see if
Whatever comes of the legislation, it’s
clear that child identity theft is a real risk
for all children. Parents can make sure
their children are protected by following
the tips in the above box. •
Page Get Wise About Smartphones from page 1 u
Most major data breaches suffered by
companies and institutions happen
because of the loss or theft of a
laptop that contains sensitive data,
Goodman said. Smaller devices such as
smartphones are even easier to lose and
steal. In New York City alone, an average
of 5,000 cell phones were left in taxicabs
every month, according to a 2009 study
by Credant Technologies.
Lost or stolen smartphones that are
unprotected are easy targets for thieves.
With passwords automatically in place,
thieves can pose as the phone owner, ask
contacts to send money for bail or text
friends and family for sensitive personal
information. In one recent case, a thief
who stole a man’s cell phone and wallet
used the phone’s contact list to reach the
man’s wife and have her send his debit
card PIN.
1.
2.
.
4.
5.
isn’t keeping up with the rise in their
use for tasks that require secure access
or multiple downloads, such as mobile
banking and gaming.
recently bought mobile security provider
Trust Digital. Lookout, a San Franciscobased cell phone security firm, is
creating a catalog of applications that
address security threats. Called the App
Genome Project, the catalog will focus
Phone owners who like to play games
often download
them from free
sites, unaware
that they may
contain malicious
code uploaded by
malware writers.
When users
download and
play the games,
— Eduard Goodman, chief privacy officer for Identity Theft 911
they unwittingly
activate the code,
which allows thieves to make phone calls on applications that collect personal
to other countries on the victim’s dime.
information or threaten a smartphone
owner’s privacy.
Citigroup Inc. made recent headlines
when it announced that its iPhone
Experts say users can take steps
to protect the information on their
smartphones.
First, use the password protections built
into the device. Passwords should be
a combination of letters, numbers and
symbols that can’t be easily guessed,
Password protect mobile devices. Make the password strong and hard to guess by using
Goodman said. Most smartphones can
numbers, letters and at least one symbol.
be set up so that if the password is
guessed incorrectly a certain number of
Data wipe mobile devices. Use programs to destroy a device’s data if the password is
consecutive times—say 10—the device is
entered incorrectly a certain number of consecutive times. Take advantage of software
that locks the phone or erases the data remotely if the phone is lost or stolen.
scrubbed of all of its data.
Encrypt data on smartphones used for sensitive business communication. Smartphones
Second, don’t set up the device to
often have built-in data encryption capabilities that users don’t enable.
automatically remember passwords used
for websites, networks or accounts that
Before throwing away or recycling a smartphone, delete all information on it. The website
handle information that could put you or
Recellular at www.recellular.com provides a deletion guide for most cell phones.
your company at risk.
Don’t open unfamiliar attachments, e-mails or files from unknown sources on a
These precautions will add seconds here
smartphone—they are likely to be harmful. Consider using a more secure computer for
and there to the owner’s use of the
important tasks, such as checking a bank account balance.
device. But those extra moments can
prevent a lot of trouble.
Smartphone users are on even shakier
application accidentally saved
Finally, users should think about
ground when they decide to use a WiFi
information—account numbers, bill
everything they download onto the
connection to connect to the web in
payments, security access codes—to
device, and everything they try to access
lieu of their provider’s data plan. Even
a hidden file on the user’s iPhone.
online. It’s better to use a secure home or
if the connection is supposedly secure,
Customers’ personal information
office computer to access and download
Goodman said, it doesn’t take much for
wasn’t exposed. However, Citi advised
key information.
a hacker to use a laptop to intercept a
customers who used the app to upgrade
mobile device’s data flow, potentially
to a newer version that corrected the
“It’s like anything,” Goodman said. “It’s
gaining access to all the data on the
problem.
a balance among privacy, security and
device and every web location visited.
convenience.” •
A number of companies are addressing
Experts worry that smartphone security
the problem. Antivirus vendor McAfee
Identity Theft 911® Newsletter • August 2010
“A smartphone is this
treasure trove that people
are carrying around with
them—a mini-filing cabinet.”
Page Return to Sender:
What to do when you keep getting someone else’s bills
One by one, the bills began to arrive for the Stuckeys at a house in the Pacific Northwest.
First they came for Joan Stuckey, then Chuck, then Carla. Soon after, bills for other people
started appearing: Lindsay Park, James Price and Gladys Smith.
Trouble was, the owner of the house—Nathan Kent*—knew none of these people or how to
reach them. No matter how hard he tried, he couldn’t persuade the companies sending the
bills that these strangers’ names had been mistakenly attached to his address. When debt
collectors started harassing him, he grew uneasy.
Kent’s ordeal is a reminder that people
need to act decisively when they are
receiving someone else’s mail and calls.
Though his case is one of incorrect
billing, not fraud or identity theft per
se—the bills weren’t in his name, just
sent to his address—without proper
monitoring, it could have evolved into a
more troublesome situation such as debt
tagging. to collection agencies for pennies on the
dollar. When multiple parties handle the
debts over an extended period of time,
information is bound to get scrambled,
out-of-date or lost along the way.
Kent’s concerns about his credit record
drove him to seek help from his insurance
agent, who referred him to Identity Theft
911. Fraud specialist Mark Fulbright
immediately ran credit checks with two
credit bureaus, both of which came back
clean, and helped his customer file a
police report.
Fortunately, none of the debts were
attached to Kent’s Social Security number,
which had been stolen in 2006. This was
a relief, but it still brought no end to the
steady stream of calls and letters.
frequency of their contacts, actions that
are barred by the 1977 federal Fair Debt
Collection Practices Act, which governs
the way collection companies can behave
in their pursuit of debtors. Nearly onethird of those polled by Scripps said they
felt harassed by incessant debt collector
calls and/or letters.
The Federal Trade Commission received
nearly 120,000 complaints in 2009 about
Debt tagging occurs when collectors
third-party and in-house debt collections,
target the wrong person for a debt and
up from 104,000 in 2008. That year, the
attach that damaging information to
agency also recommended to Congress
his credit report. When a credit report
that it require debt collectors to possess
is “tagged” with a debt, it can take
the most accurate information possible
months to resolve. Identity Theft 911
on debtors, including name and amount
first introduced the term after its fraud
of debt, before pursuing debtors in
resolution center experienced an increase
earnest.
debt tagging cases earlier this year.
Eventually, Fulbright’s persistence
Cases of mistaken identity are hardly
Fulbright would contact one collection
in notifying collection companies
uncommon in debt collection. According
agency to request that they cease contact immediately after they contacted Kent
to a 2009 poll by Scripps Survey Research with Kent’s number and/or address, but
substantially decreased the frequency
Center at Ohio University, 39 percent of
another agency would take its place,
and nastiness of the contacts.
1,001 households said that debt collectors hounding him over debt he didn’t incur.
frequently had the wrong information.
Sometimes collectors were hostile, rude
Fulbright also was careful not to mention
and disbelieving.
Kent’s name when approaching debt
The trend is attributed to the rise of the
collectors for fear that once they got a
$60 billion debt resale market, in which
Hard economic times have prompted
name, it would be easier to associate or
major creditors sell off old unpaid debts
debt collectors to turn up the heat and
tag his client with someone else’s debt. •
* Name and location have been changed to protect the victim’s privacy.
Identity Theft 911® Newsletter • August 2010
Page Growing Pains:
Kids are the perfect targets for identity thieves
Kimberly Reed panicked when a state health worker told her that her son wouldn’t be eligible
to renew his free health care because he made too much money.
The strange part: Her son Cory* was only 2 years old. Someone had used his Social Security
number to receive $548 in paychecks from a business in the Pacific Northwest. The boy had
become a victim of a troubling category of identity crime: child identity theft.
Reed was fortunate to detect the crime
so early: It allowed her to take the
necessary steps to resolve the problem.
In most cases, child identity theft
remains undiscovered for years until
victims are teenagers or in their 20s,
and are applying for a student loan or
their first credit card. By then, they can
number. That statement would serve
as evidence that the boy’s identity was
misused.
On Reed’s behalf, Ayala wrote letters
to the three primary credit bureaus
explaining the fraud and requesting a
suppression on Cory’s SSN. That means
“I would have never thought to check my
2-year-old’s credit report. I’ve called all my
friends and family to tell them to block their
children’s Social Security numbers.”
— Kimberly Reed, whose 2-year-old is a victim of child identity theft
encounter horrible credit ratings and
histories or thousands of dollars of debt
in their names.
Reed acted quickly. Her insurance
company referred her to Identity Theft
911. Sandra Ayala was the fraud specialist
assigned to the case. She called the
Social Security Administration to ask
for a statement that showed earnings
associated with Cory’s Social Security
no one can take out a loan or get credit
on a Social Security number until the
individual is 18 years old. Fortunately,
no one had used the boy’s identity
information to obtain loans or credit.
Ayala also advised Reed to contact her
local police department, which filed an
incident report that Reed could use as
further proof of the identity theft.
“It’s quite the ordeal—not really how I
wanted to spend the beginning part of
my summer,” said Reed, who was grateful
to have Ayala’s help. “She did a lot of
things that I didn’t think of—she was
very helpful.”
The efforts paid off. State health services
officials acknowledged the fraud and
renewed Cory’s free health care.
If identity theft is suspected, parents
should contact the credit bureaus to see
whether their child has a credit report;
put a suppression on the account so no
credit can be extended under that Social
Security number; and continue to watch
for credit card and other offers that might
come in the mail in their child’s name,
Ayala said.
“I would have never thought to check
my 2-year-old’s credit report,” said Reed,
who has also suppressed her 7-month-old
daughter’s SSN. “I’ve called all my friends
and family to tell them to block their
children’s Social Security numbers.” •
* Name and location have been changed to protect the victim’s privacy.
Identity Theft 911® Newsletter • August 2010
Page Hits
A decade after Rep. Bobby Rush (D-Ill.) beat Barack Obama in a congressional race, the veteran lawmaker
is using his status as chairman of a House consumer subcommittee to help bolster federal data protection
laws. He has sponsored the Best Practices Act, a bill that would impose tight regulations on people and
businesses that store 15,000 or more personal data records online. The Federal Trade Commission would be
in charge of enforcing the nationwide law. With congressional elections coming up, it’s unlikely the bill will
become law this year, but the proposal, which could mean fines of up to $5 million for businesses that fail to
safeguard data, could pass in 2011. The lobbying fight promises plenty of industry opposition.
Michael Fertik has founded a company to help people who are concerned about the indiscretions
they committed while they were young and how that behavior was portrayed on the Internet.
ReputationDefender, based in Redwood City, Calif., offers practical solutions for protecting your online
reputation. Fertik founded the firm in 2006 after “seeing articles about the ‘Lord of the Flies’ behavior that
all of us engage in at a young age. It felt un-American that when the conduct was online, it could have
permanent effects” on the individual, he told The New York Times. A sense of fairness also could mean
commercial success—the company recently received $15 million in funding from top Silicon Valley venture
capital firms.
Google Street View wants to offer a ground-level view of at least a dozen countries worldwide, but
Connecticut Attorney General Richard Blumenthal wants to know why Google’s software was picking up
personal data from wireless networks without authorization as it documented his state’s neighborhoods. He
has demanded a speedy response from the company on whether Google had tested its software before it
was used, claiming that would have shown that unauthorized data collecting was happening. Blumenthal’s
efforts are leading a 37-state coalition that’s trying to firm up data security as issues like the Street View
collection breach arise. Google has said the data collection was inadvertent and that it will work with legal
authorities to address all concerns.
Misses
A quirk of the legal system can keep Washington state residents with stolen identities yoked to their
identity thieves, especially if the criminal’s record includes sex offenses. A recent report on the plight of Dan
Wheeler of Port Orchard exposes the hitch in state law that has branded him a sex offender because the
man who stole his wallet 15 years ago committed sex offenses. Registered sex offenders’ aliases are kept
on file by the Washington State Patrol, which means “he’s attached to you the rest of your life, because he
used your name,” Wheeler recently told KING-5 TV. “It shouldn’t be the case.” He has petitioned his state
representative for a change in the law, like a recent adjustment to a similar law in California.
It’s easy to underbid the competition when you can count on the proceeds of identity theft to make up the
potential losses. Four employees of Parking and Security Services, a New York company that handles security
for movie shoots, were charged with grand larceny and identity theft after allegedly scamming $95,000 in
unemployment benefits. The thieves recruited undocumented workers to gather Social Security numbers
from friends and relatives, “fired” the fake workers, then billed their moviemaking clients. About $22,000 of
the stolen money was part of the federal stimulus package intended to avert widespread economic collapse.
Higher education is earning failing grades on data protection. Universities in Florida, Maine and California
all made recent headlines for security breaches that exposed student names, Social Security numbers and
even grades through flaws in online security. The University of Maine, Florida International University and
California State University, San Bernardino, had to grapple with data-related woes in the last several weeks.
Some problems were caused by hackers, others by inadvertent errors in handling online records. Schools
continue to face hard lessons in securing student identities.
Identity Theft 911® Newsletter • August 2010
Page Q&A: Eduard Goodman
Identity Theft 911’s chief privacy officer
After the Federal Communications Commission suffered a setback this April
in its effort to maintain unrestricted, equal access to the Internet for all
users through a doctrine called Net neutrality, the Federal Trade Commission
now is preparing to pick up the reins again. Identity Theft 911’s chief privacy officer, Eduard
Goodman—an attorney and expert on international privacy and data protection law—believes
the Net neutrality debate is sure to reach fever pitch over the next year, and that the fallout
may shape the way people get information online.
What is Net neutrality?
It’s the current practice of giving equal treatment to all
online traffic—regardless of its content, where it comes from
or where it’s going. Think of the Internet as a series of pipes
that information can be routed through. Net neutrality stops
Internet Service Providers—any company you use to connect
your computer to the Internet—from putting a filter on those
pipes, which would affect the flow of information through them
by allowing ISPs to give certain traffic preferential treatment.
Why should people care?
Information wants to be free. Net neutrality protects Internetuser privacy regarding how (and what) information gets
exchanged online. The Internet is also the one forum that
currently allows large and small players to compete equally,
resulting in low-cost high bandwidth for consumers. Net
neutrality lets innovative services flourish in an environment
where ISPs aren’t limiting traffic and/or peeking into any
interaction consumers have with the Internet to monitor the
content it contains.
Why do detractors want to change the status quo?
ISPs and large media companies argue that by investing in
networks and copyrighted content, they should be able to
determine how and what information flows through their
“pipes.” This would allow ISPs to create new revenue by
creating multitier access to the Internet. So, for example,
big companies potentially could buy preferential treatment
so that ISPs highlight their news, products or services and
restrict Internet users from obtaining competing or disparaging
information. Identity Theft 911® Newsletter • August 2010
So if Net neutrality crumbles, ISPs could monitor and steer
online interactions?
In theory, yes. “Traffic shaping” would allow an ISP to turn
down the amount of bandwidth available if a person downloads
or streams large, bandwidth-heavy files using file-sharing
applications such as BitTorrent. However, in order to do this,
the ISP would have to peek inside packets to determine the
types of files being sent and received between users and
websites they are visiting.
That seems like a breach of free speech and user privacy.
While I understand the motivation of ISPs, I feel that anything
other than Net neutrality is contrary to the ideals that the
modern Internet was founded on. I’m opposed to companies
accessing my Internet traffic content to determine whether
or not it deserves preferential treatment on their networks. It
would mean that at the most fundamental level of the Internet,
privacy would be nonexistent. Net neutrality adds another layer
of privacy to a multilayered approach to general privacy online.
Why is this debate getting so much recent national
attention?
Net neutrality has been a pressing topic since the Internet was
first commercialized, but it’s been in regular debate since the
dot-com bust. This spring, a federal appeals court indicated that
the FCC lacked authority to regulate the management of web
traffic in a case against ISP Comcast, which has since started
limiting the speed at which its users download via BitTorrent.
But the FTC has broader powers, and its attitude is that
everyone deserves privacy and access to the Internet equally.
The debate should play out over the next year or so, since the
FTC has made it clear it’s going to gun for Net neutrality. •
Page

 Download  Report

Paperzz.com

Your Paperzz

© Copyright 2026 Paperzz