January 23, 2006

Identity theft

An attorney sent this memo around his law firm and it is well worth reproducing here. As credit card fraud is constantly evolving, we need to stay one step ahead of the game with the sharpest new ideas. This information is specifically for Americans, but there is enough here that applies across the board, so everyone with a chequebook or a credit card should read it. (If for no other reason than, how often do you get free advice from a lawyer?)

1. The next time you order checks have only your initials (instead of first name) and last name put on them. If someone takes your checkbook, they will not know if you sign your checks with just your initials or your first name, but your bank will know how you sign your checks.

2. Do not sign the back of your credit cards. Instead, put "PHOTO ID REQUIRED."

3. When you are writing checks to pay on your credit car accounts, DO NOT put the complete account number on the "For" line. Instead, just put the last four numbers. The credit card company knows the rest of the number, and anyone who might be handling your check as it passes through all the check-processing channels will not have access to it.

4. Put your work phone # on your checks instead of your home phone. If you have a PO Box, use that instead of your home address. If you do not have a PO Box, use your work address. Never have your SS# printed on your checks, (DUH!). You can add it if it is necessary. However, if you have it printed, anyone can get it.

5. Place the contents of your wallet on a photocopy machine. Do both sides of each license, credit card, etc. You will know what you had in your wallet and all of the account numbers and phone numbers to call and cancel. Keep the photo copy in a safe place. Also carry a photocopy of your passport when traveling either here or abroad. We have all heard horror stories about fraud that is committed on us in stealing a name, address, Social Security number, credit cards.

Unfortunately, as an attorney, I have first hand knowledge because my wallet was stolen last month. Within a week, the thieve(s) ordered an expensive monthly cell phone package, applied for a VISA credit card, had a credit line approved to buy a Gateway computer and received a PIN number from DMV to change my driving record information online. Here is some critical information to limit the damage in case this happens to you or someone you know:

A. We have been told we should cancel our credit cards immediately. The key is having the toll free numbers and your card numbers handy so you know whom to call. Keep those where you can find them.

B. File a police report immediately in the jurisdiction where your credit cards, etc., were stolen. This proves to credit providers you were diligent, and this is a first step toward an investigation (if there ever is one). However, here is what is perhaps most important of all (I never even thought to do this.)

C. Call the three national credit reporting organizations immediately to place a fraud alert on your name and Social Security number. I had never heard of doing that until advised by a bank that called to tell me an application for credit was made over the Internet in my name. The alert means any company that checks your credit knows your information was stolen, and they have to contact you by phone to authorize new credit. By the time I was advised to do this, almost two weeks after the theft, all the damage had been done. There are records of all the credit checks initiated by the thieves' purchases, none of which I knew about before placing the alert. Since then, no additional damage has been done, and the thieves threw my wallet away this weekend (someone turned it in). It seems to have stopped them dead in their tracks.

Now, here are the numbers you always need to contact about your wallet and contents being stolen:

1.) Equifax: 1-800-525-6285

2.) Experian (formerly TRW): 1-888-397-3742

3.) TransUnion: 1-800-680-7289

4.) Social Security Administration (fraud line): 1-800-269-0271

Posted by Verity at January 23, 2006 11:10 AM

Verity, thanks for the tips.

Posted by: Lex at January 23, 2006 07:42 PM

Some of this is clearly good advice, but this one is so wrong it boggles the mind:

When you check out of a hotel that uses cards for! keys (and they all seem to do that now), do not turn the "keys" in. Take them with you and destroy them. Those little cards have on them all of the information you gave the hotel, including address and credit card numbers and expiration dates. Someone with a card reader, or employee of the hotel, can access all that information with no problem whatsoever.
Posted by: Kirk Parker at January 23, 2006 11:29 PM

Yes, that makes no sense at all. There's no earthly reason for personal information to be on a room key. All it needs is a room number, and an expiration date after which it will no longer work.

Posted by: Rand Simberg at January 24, 2006 08:17 AM

I had doubts about that point myself, but included it anyway as this fellow seems to have a pretty good thoughts on protection about identity theft. Kirk Parker, do you know for absolute certain that this information is wrong? If it is, I will take it off.

On the other hand, it might be correct simply because this is the way it's done. Maybe the card runs through the same machine that processes your credit card.

Posted by: Verity at January 24, 2006 10:07 AM

Snopes says the hotel key story is an urban legend. Some ID thieves have used hotel key cards to store ID info from stolen credit cards that they copied over, since having a bunch of hotel cards you 'forgot' to return is less incriminating than being busted with dozens of suspicious-looking credit cards in your possession. Hotels say they keep all billing info in a separate system than the one used to program the door cards.

Posted by: badgerwx at January 24, 2006 10:50 AM

I have heard that a substantial percentage of identity theft is perpetrated by family members of the victims.

Posted by: Peter at January 24, 2006 09:15 PM


What snopes says. (Well, and I work in software development involving, among other areas, the retail use of credit cards, so I have some idea of current-day security requirements.)

Some day, I'm gonna be the originator of one of these neat urban myths, instead of the debunker. Anybody know how I get started? :-)

Posted by: Kirk Parker at January 24, 2006 11:58 PM

Kirk Parker - I removed point number six yesterday afternoon.

Posted by: Verity at January 25, 2006 08:01 AM

As for calling the SSA I've read that you shouldn't carry your Social Security card around in your wallet. If someone gets your wallet, should you still call the SS Administration?

Posted by: lindenen at January 25, 2006 01:27 PM

Before travelling overseas, the best thing to do is to scan the front of your passport, the inside cover (where your picture is), the visa (if required) for EVERY country on your schedule, and the last page if there are any endorsements or name changes (vital for married women). Upload them to an online file storage system or into something like G-mail. Give each of the files innocous names like Grandma's Dog or something like that.

This saved me when my passport was stolen in a third-world country that is only intermittently friendly to Americans.

I was able to go to the American consulate and download the pics for them.

Posted by: Jacknut at January 28, 2006 08:34 AM
Post a comment

Remember personal info?