Monday, August 14, 2006
Identity theft is not a stand-alone crime.
According to the federal government, Phoenix AZ is the worst metropolitan area for identity theft. It is double the national average. Some reports reflect one in six adults has suffered from identity theft there in the last five years. Some who have analyzed this reduce it to two important facts:
James Van Dyke, president of Javelin Strategy and Research, said "You've got a supply-chain effect going on here. You have a higher than average use of meth and there's a strong correlation between meth usage and ID theft." "Meth users will take your bills in the mail and sell your bank statements as a form of payment. Then the [meth-]maker will use those bank statements to go into an existing account or make a new account off that information or sell your statements to an identity theft specialist," Van Dyke said. Detective Tony Morales of the Phoenix Police Department said, "Every time we find a meth lab we also find identity theft. These meth freaks like to hang together and they learn about identity theft tricks together."
There is a direct correlation between identity theft and the availability of public records online. Maricopa County estimates filing 10,000 documents a day. They have had records on the interned for 10 years and even refer people there in their telephone system. But things will be changing soon.
In Arizona, a new law will take effect in January 2007. A fine as high as $500 may be imposed on anyone filing documents with more than the last five digits of a Social Security Number or bank credit card number. These were prime targets in divorce documents.
Officials in Texas and other states are doing the same thing, examining what records are online and trying to find a balance between privacy and public information. It may be that this information will be available in the actual public records, but data may be truncated online. The thought process is that thieves will not actually go to the public records office to look up information. Some counties simply charge a fee as a deterrence to those wanting valuable information for free and with no payment trail that may lead back to them.
Still, Van Dyke said, referring to Javelin's report on identity theft, that consumers still need to worry more about paper document's than those in electronic form. "They should be more worried about documents going through the mail. We found in our research that only 9 percent of identity theft can be traced to Internet use and billing. If you follow normal precautions on the Internet you are actually better off than using mail."
Customers should still be urged to look opt for electronic statements from their banks and others, such as investment advisors, insurance, credit cards, etc. You should remind your customer to check their daily activity and look for unusual transactions and to investigate them immediately. You should also remind your customers to check their credit reports periodically.
According to the federal government, Phoenix AZ is the worst metropolitan area for identity theft. It is double the national average. Some reports reflect one in six adults has suffered from identity theft there in the last five years. Some who have analyzed this reduce it to two important facts:
- There is a large number of methamphetamine users there
- Many public records on the Internet contain confidential information.
James Van Dyke, president of Javelin Strategy and Research, said "You've got a supply-chain effect going on here. You have a higher than average use of meth and there's a strong correlation between meth usage and ID theft." "Meth users will take your bills in the mail and sell your bank statements as a form of payment. Then the [meth-]maker will use those bank statements to go into an existing account or make a new account off that information or sell your statements to an identity theft specialist," Van Dyke said. Detective Tony Morales of the Phoenix Police Department said, "Every time we find a meth lab we also find identity theft. These meth freaks like to hang together and they learn about identity theft tricks together."
There is a direct correlation between identity theft and the availability of public records online. Maricopa County estimates filing 10,000 documents a day. They have had records on the interned for 10 years and even refer people there in their telephone system. But things will be changing soon.
In Arizona, a new law will take effect in January 2007. A fine as high as $500 may be imposed on anyone filing documents with more than the last five digits of a Social Security Number or bank credit card number. These were prime targets in divorce documents.
Officials in Texas and other states are doing the same thing, examining what records are online and trying to find a balance between privacy and public information. It may be that this information will be available in the actual public records, but data may be truncated online. The thought process is that thieves will not actually go to the public records office to look up information. Some counties simply charge a fee as a deterrence to those wanting valuable information for free and with no payment trail that may lead back to them.
Still, Van Dyke said, referring to Javelin's report on identity theft, that consumers still need to worry more about paper document's than those in electronic form. "They should be more worried about documents going through the mail. We found in our research that only 9 percent of identity theft can be traced to Internet use and billing. If you follow normal precautions on the Internet you are actually better off than using mail."
Customers should still be urged to look opt for electronic statements from their banks and others, such as investment advisors, insurance, credit cards, etc. You should remind your customer to check their daily activity and look for unusual transactions and to investigate them immediately. You should also remind your customers to check their credit reports periodically.
Wednesday, August 09, 2006
We have helped some departments laugh their way through training with Privacy Police Sticky Notes and we have written in the Lessons Learned about branch fines for loose laptops (see "An Ounce of Prevention - and a Laptop can Weigh a Lot of Ounces") and you may ask why this is so important? Ask Matrix Bancorp of Colorado why.
Between 1:30 and 2:30 on the afternoon of Friday, July 28th, someone left their branch with two laptops owned by Martix and containing confidential corporate as well as customer information. Following proper IT security procedures these laptops are password protected and the data is encrypted. Still, Matrix is now in a defensive position monitoring customer accounts for unauthorized activity and offering a $50,000 reward for information that leads to the recovery of these laptops. A data breach is a very expensive proposition.
Securing laptops, locking offices, and properly storing files is in the job description of each and every person on your bank's payroll, written there or not. Training may be done with humor, skits, or a Jack Webb like tone instilling that this is serious business. A theft like this asks questions on many levels, who had access, why, why were they left in the open, were the employees ever taught not to do this, does the bank provide locking cables to secure laptops and how serious are they about this now. I'd bet the attitude has changed in their branches. And so it should elsewhere because this could happen in almost any bank. It is like that old commercial said, "you can pay me now, or pay me later." This is an excellent lesson many of us can reflect on and see how we can do things better.
Between 1:30 and 2:30 on the afternoon of Friday, July 28th, someone left their branch with two laptops owned by Martix and containing confidential corporate as well as customer information. Following proper IT security procedures these laptops are password protected and the data is encrypted. Still, Matrix is now in a defensive position monitoring customer accounts for unauthorized activity and offering a $50,000 reward for information that leads to the recovery of these laptops. A data breach is a very expensive proposition.
Securing laptops, locking offices, and properly storing files is in the job description of each and every person on your bank's payroll, written there or not. Training may be done with humor, skits, or a Jack Webb like tone instilling that this is serious business. A theft like this asks questions on many levels, who had access, why, why were they left in the open, were the employees ever taught not to do this, does the bank provide locking cables to secure laptops and how serious are they about this now. I'd bet the attitude has changed in their branches. And so it should elsewhere because this could happen in almost any bank. It is like that old commercial said, "you can pay me now, or pay me later." This is an excellent lesson many of us can reflect on and see how we can do things better.
