Identity crisis: an easy crime

Identity fraud is growing – and at an alarming rate. The latest figures issued by CIFAS, the UK’s fraud prevention agency, reveal that ID fraud rose by 17% in the first nine months of 2006. Identity fraud has now affected approximately one-in-four British consumers in some way, in turn costing the UK economy over £1.7 billion per annum.

Research conducted on behalf of the US Department of Justice has found that fraudsters are attracted to identity theft because it’s often easy to commit – particularly so when the information needed is readily available. For instance, personal information can be obtained from the Internet or could be contained in business files accessible to less-than-honest employees or burglars (who are themselves notoriously dishonest).

Many people are not nearly vigilant enough when it comes to protecting their personal information, and could subconsciously be providing fraudsters with opportunities to access the details they require.

Interviews carried out by Perpetuity Research and Consultancy International with five fraudsters and five victims of ID theft provide great insights into how the information used to commit such fraud is acquired, and how opportunities are then generated.

ID theft: easy pickings

The interviews were part of a study – entitled ‘Identity Theft in the UK: The Perspectives of Offenders and Victims’ – undertaken last year to develop a greater understanding of how fraudsters access the personal information they use to commit identity fraud. All of the five fraudsters interviewed reported that identity theft was an easy crime to commit. Indeed, one fraudster noted: “It turned out to be opportunist, really. Nine times out of ten it was easier than going shoplifting.”

Another fraudster, who used utility bills as evidence of identity when applying for credit cards and mobile phone contracts, said that it takes as little as ten minutes to steal someone’s identity. He knew the relevant procedures used by credit card and mobile phone companies, and he was more than happy to be patient. Another fraudster explained how his partner’s intimate knowledge of the area made it easy to identify someone who had died young – below the age of 16 – and, consequently, obtain the child’s birth certificate.

While the matter can only briefly be touched upon here, it’s important to understand what knowledge and resources are needed to commit an offence because it gives clues to weaknesses in company procedures that can be (and obviously are) exploited by offenders.

US data indicates that fraudsters make the most of the easiest available opportunities to steal identities, such as redirecting mail, stealing purses and wallets and taking letters from post boxes. Having been allocated a new Council property, one fraudster received a variety of bank statements, utility bills and insurance documents in the names of previous tenants. She seized this opportunity to open catalogue accounts in other people’s names.

Another interviewee reported how he stole a bundle of post from a house where the door had simply been left open. Among the bundle was a giro cheque which he duly cashed. He explained that absolutely no planning had been involved – the offence was purely driven by the ease of opportunity, and his overriding need for money to support a drug habit.

In these instances, precautions such as redirecting mail and not leaving doors open unattended may have reduced the opportunities for the fraudsters to steal.

When opportunity knocks

The latest figures issued by CIFAS, the UK’s fraud prevention agency, reveal that identity fraud rose by 17% in the first nine months of 2006. It has now affected approximately one-in-four consumers

The majority of approaches used by the fraudsters to steal identities were opportunist. One fraudster, for example, said that his crimes were never planned. He was a heroin user, so if an opportunity arose he would probably take it to fund his long-term drug addiction.

Nevertheless, more organised approaches were sometimes used by others. One interviewee described an approach which involved focusing on ‘hot targets’. This fraudster stole handbags to obtain the paper-based documentation she required. In particular, she targeted female shoppers in shoe retailers because they were often preoccupied and left their bags unattended.

Coffee shops – mainly because of their high tables – and men’s wallets left in jacket pockets in offices during lunch hours were also noted as prime targets. On the positive side, passports and driving licences were mentioned as items more difficult to ‘procure’.

One research study (conducted by Mel in 2005) concluded that 77% of household waste contains at least one item which could assist fraudsters in identity theft. Two fraudsters were aware of this approach, and one warned that even shredding could be overcome by sellotaping paper back together.

“It depends on the type of shredder used," said an offender. “Depends on how thin or thick the paper is when shredded. You can sellotape it back together. You only need a bank number.”

Destroy before disposal

One of the identity theft victims interviewed suspected that his details may have been taken from a credit card offer discarded in his rubbish. He also noted that he didn’t always destroy information before throwing it away.

More recently the BBC’s Watchdog programme – among others – found discarded waste left unattended outside a range of companies (including financial institutions). That waste contained clients’ details. Definitely of help to the identity fraudster, one suspects.

The real danger is that offenders will now be aware of the easy opportunities – which they are very good at exploiting. Never has there been a greater need to ensure that discarded waste is destroyed via proper shredding (and it is not the case that any shredder will do) and incineration, and that internal procedures are in place to ensure confidential material does not fall easily into illicit hands.

In general, the five fraudsters interviewed as part of this study found identity theft a relatively easy crime to commit. In other work we have carried out, identity fraudsters have also reported bribing staff and tricking people into parting with money by pretending to be someone else. They can do this online, over the telephone or in person.

The key is to ensure that individuals and companies assess their vulnerabilities and take action accordingly. The one thing we do not want is to make it easy for the fraudsters.