Your identity can slip out of your mailbox, be sucked up from the trash

Editor's Note: This is the second of three stories on how identity thieves operate and how we can avoid being targeted.

If the Internet is not the major hole by which our identities are sucked away for illegal use, what is? And what can we can do to protect ourselves without spending a lot of money?

According to the Federal Trade Commission, thieves who want our personal information operate in a number of ways:

-- Getting information from businesses or other institutions by stealing, bribing, hacking, or by conning employees who have legitimate access.

-- Stealing your mail.

-- Rummaging through your trash (“dumpster diving”).

-- Getting your credit reports by abusing their employer’s authorized access to them.

-- Stealing your wallet or purse.

-- Completing a “change of address form” to divert your mail to another location.

-- Stealing personal information they find in your home.

-- Stealing personal information by claiming there’s a problem with your account with a business they have learned you deal with. If you’re approached for information online it’s known as “phishing”; by phone, it’s called “pretexting.”

Direct assaults

According to the 2006 Identity Fraud Survey Consumer Report by the California-based security studies company, Javelin Research (www.javelinstrategy.com/research), direct consumer victimization plays a significant part — 63 percent — in data theft. Nearly half of that 63 percent was due to lost or stolen wallets, credit or debit cards, or checkbooks. About a quarter of it, 15 percent of all theft, was perpetrated by people the victim had trusted.

One major statistic: Almost half of all information breaches result from lost or stolen wallets, the study says. It is still the largest source of ID theft. Heretofore, the major problem has not been the money; it was replacing licenses and getting new credit cards. Now, the major threat is identity theft.

Unfortunately, there’s a relatively new vulnerability. The Veterans Administration theft currently in the news shows that stolen, lost or misplaced laptop computers can result in the compromise of millions of personal records. As yet, there are no official statistics yet on the severity of this problem, but it appears to be staggering.

Information compromised during business handling amounted to roughly 30 percent of all incidents reported, according to the Javelin study. There is little we can do to overcome sloppy security, internal fraud or other problems within a business or institution. Still, we can take steps to lessen compromise of or access to our valuable identifying data.

No more nonchalance

Some of the prevention steps are obvious; others are less well-known but nonetheless essential to your complete protection:

-- Don’t ever let your laptop computer out of your sight in public.

-- Protect your wallet. Keep the bank and credit card companies’ toll-free numbers handy and in a separate location in case cards are stolen, because you need to take immediate action.

-- Avoid using unlocked lockers to store your wallet or purse at gyms, spas, fitness centers golf or tennis clubs, the beach, or pools.

-- Never carry your social security card in your wallet.

-- Buy encryption software to encrypt all sensitive files on your laptop, such as your “My Documents” folder and your Quicken or other personal finance folders on a Windows PC).

-- Shred all financial documents or tear them into small pieces and deposit pieces in different trash receptacles.

-- Never allow your driver’s license number or social security number to be preprinted on your checks (many consumers now avoid having even their addresses printed).

-- Carry only the credit/debit cards you frequently use. Some companies now offer “mini” cards with holes you can attach to your key chain, which of course means you want to be vigilant about your keys.

-- Put all credit cards onto a copier and copy them front and back so you will have a record of both the card numbers and company contact numbers.

-- Do not respond to any e-mail offering investment opportunities, deals that are too good to be true, or that want your personal information to fix an alleged problem with your account. If there is a problem with an account you may be notified by e-mail, but you will never be asked to submit information via e-mail.

-- Never send your social security number, pin numbers or any other sensitive data in an e-mail. E-mail is as secure as a snail mail, picture postcard.

-- If workers or visitors have unescorted access to the computer in your home, do not use the password-storing option offered by your Internet provider, and use a password to control access to the computer itself. Turn the computer off if away.

-- Ensure that you, and everyone in your home, disclose as little personal information as possible in online profiles, blogs, social networking sites or online resumés.

-- Use a credit monitoring service to notify you immediately about any credit checks on you, especially if it appears a new account has been opened.

-- Know the billing cycle for repetitive bills and keep track of it. If an expected bill has not arrived, immediately call to see if anyone has attempted to change the billing address.

-- Consider using a locked box at the post office or enroll your neighbors to keep an eye on each other’s mailboxes.

It’s not a pretty picture. But the good news is that the best preventive measures are under your control, safeguarding your wallet/purse, laptop your mail.

What's in your mail?

Understand that the sooner you detect any theft or fraud, the less it’s likely to cost you. Speed of detection is crucial. If the consumer detects the problem, for example by using a credit monitoring service, the consequential damages will be significantly less, because the accounts can be quickly frozen.

According to Javelin, if a fraud case is reported, the chances are slightly better than one in three — 36 percent — that the perpetrator was known by the victim: a trusted acquaintance, friend or relative; work associate; neighbor, or a domestic employee/contractor working inside or around the home. And the closer the relationship the more damaging the loss.

There is an interesting observation of a direct connection between methamphetamine (meth) use and ID theft, made by Andrew P. Thomas, County Attorney, Maricopa County, Ariz., in a recent interview with the New York Times.

Meth users steal mail from private mail boxes. Communities with a central cluster of mailboxes are particularly attractive: a lot of mail in a single location, and locks on these boxes are almost irrelevant; they are extremely easy to force open.

Users are looking for pre-approved credit card offers to establish an account in your name, using a different address.

Why meth users? People on meth are usually high — which means they stay awake — for several days at a time, according to Thomas’s comments. They have time to sort through mail to glean whatever is valuable. Stolen mail may yield not only pre-approved credit card offers, but also account numbers for utility services, personal checks, or even payroll or benefit checks. If these users have a meth lab, they’ll have a supply of acetone which can be used to remove anything written in ink on a check.

Mail theft is more common in areas with a high concentration of retirees because of the likelihood that social security or veterans’ checks will be found in the stolen mail. Mail theft is also higher wherever there’s a high percentage of illegal immigrants, Thomas said, because there is with a high demand for legitimate source documents -- easily produced from stolen mail.

Read all about it

Learn about the nature and extent of the problem, its guises and other specific actions you can take to prevent identity theft and what to do if victimized. Here are some beneficial educational sites:

Federal Trade Commission: www.consumer.gov/idtheft

Federal Trade Commission: www.ftc.gov/bcp/conline/pubs/credit/idtheft.htm

Identity Theft Center: www.idtheftcenter.org/faq.shtml

Florida Attorney General: www.myfloridalegal.com/identitytheft

US Department of Justice: www.ojp.usdoj.gov/bjs/abstract/it04.htm

Privacy Rights Clearing House: www.privacyrights.org/identity.htm

Lee County Sheriff: www.sherifflee.fl.org/prevention/brochures/printidentitytheft.htm

Consumers Union: www.consumersunion.org/creditmatters/creditmattersupdates/001638.html

Unfortunately, the story continues. There is another, increasingly popular and increasingly dangerous and damaging source of ID theft. The travesty is that it is publicly funded and there is little than an individual can do to prevent the compromise of personal information there.

In the final story of this series you will see how this is happening right here in Collier County. You will see how even the personal identity information of public servants, including law enforcement and the judiciary, is readily available to anybody who can use the Internet and has access to a computer. Stay tuned.

- - -

Next Saturday: Records that may be too open.