Child Identity Theft
Page 6
A cloning criminal is emotionally detached from the act of identity theft, as well as from the victim. One method of cloning is to target the obituary section of a newspaper. The criminal reads for intelligence, not pleasure. Most obituaries provide the name, date of birth, and date of death of a deceased individual. Experienced child identity thieves prefer to target infant children who are deceased, as it is more unlikely that parents applied for a Social Security number so early in a child’s life. Child identity thieves will take the information and apply for a Social Security number, knowing that parents of a deceased child will never have a reason to order an annual credit report.
As if the theft of a deceased child’s information is not despicable enough, consider this: if the criminal misses the obituary, a simple visit to the child’s grave provides the thief with similar information, such as child’s full name, date of birth, and date of death. A reliable national registry protecting children does not currently exist, so our children’s information is available to the general public for anyone to steal. My message is simple: with the death of a child, his or her identity may live on if stolen by an identity thief. Parents must still be vigilant in protecting their child beyond death.
Another method for this crime involves an individual seeking out employment opportunities at a school in order to gain access to information on children. While extensive background checks are completed on teachers and administrators, in most educational jurisdictions, less extensive background checks are completed on custodians and cafeteria workers. All a thief needs is legitimate access to the school, and these positions allow more frequent access to schools in odd hours, such as before and after school, and on the weekends. This is absolutely not to imply that all custodians and cafeteria workers are thieves, but rather to demonstrate one such example of how reduced background checks for all those who come into contact with our children may put their identity more at risk to be stolen.
Do not think that it is only our school systems that have such a breakdown. Hotel housekeepers, home cleaning service workers, medical office janitors, and day care janitors are just a few more examples of positions in which thieves seek out reduced background checks in order to position themselves closer to the private information of our children. These occupations require few background checks, yet they have a wide range of access to information.
We are all raised to believe that our first responders are to be trusted. As I mentioned earlier, a child identity thief is emotionally detached from his or her victim. For this reason, the last method I will cover is one I find personally disturbing. The thief may gain employment in a “trusted” position, such as law enforcement, in a fire department, or as part of a rescue unit. While these positions are not as common in identity theft, all the criminal really needs is a uniform suited to a “trusted” profession. The uniform signals to children that it is okay to trust the individual asking personal questions. Children will be more apt to give their personal information to someone in uniform, rendering it more difficult to explain to your child why it is okay to trust a uniformed adult again after his or her identity is stolen.
Question #20: Are there any protections against cloning?
There are best practices, and preventive measures, to protect your child against cloning. Security professionals use the term “hardening the target.” This means that you educate yourself and your family about child identity theft first, and then you proactively put protective measures in place. Once you have family protective measures in place, you should talk to other people, businesses, providers, and organizations to encourage them to do the same.
Previously covered is the fact that both state and federal laws are in place to cover child identity theft, identity theft, and aggravated identity theft. The federal government has identified the Federal Trade Commission (FTC) as the lead agency for collecting identity data, and assisting citizens with reporting identity theft and child identity theft problems. For more information on the responsibilities of, and available assistance from, the FTC, visit www.ftc.gov.
The Social Security Administration (SSA) maintains what is called the Death Master File (DMF). This computerized database is designed to be a federal repository for all death information. Theoretically, the name of every person who dies should be reported to the SSA and listed in the publicly accessible DMF. If all deaths were entered into this file, and done so properly, the file would be a great tool for credit agencies to obtain information from in order to properly consider credit applications, possibly catching a thief attempting to use the information of a deceased individual.
The SSA receives information on deaths from family members, funeral homes, postal officials, state and federal agencies, and financial institutions. According to the SSA’s Fact Sheet, Change to the Public Death Master File, “The Public Death Master File is a file of all deaths reported to SSA from sources other than States, beginning around 1936. It is not a complete file of all deaths and we cannot guarantee the accuracy of the DMF. The absence of a particular person on this file is not proof that the individual is alive. Further, in rare instances it is possible for the record of a person who is not deceased to be included erroneously in the DMF.”1 Mark E. Hill and Ira Rosenwaike wrote an article titled “The Social Security Administration’s Death Master File: The Completeness of Death Reporting at Older Ages,”2 which sheds light on critical information concerning the death of children and the DMF. The research by Hill and Rosenwaike shows that since 1960, the SSA’s DMF has never captured more than 42 percent of deaths for those 0 to 24 years of age.
Another critical issue with the DMF is that it only records information on the death of individuals who have been assigned a Social Security number. If an infant, child, or young adult has not been issued a Social Security number, information on his or her death is not stored with the SSA. A thief is able to use the identity of a deceased child to apply to the SSA for a Social Security card. The SSA is unable to track the fraudulent application due to the information of the deceased child not being included in the DMF. Though there are clear concerns with the DMF, credit bureaus do check the information received from an applicant against the DMF. If a credit bureau finds the applicant’s name on the DMF, the bureau will advise the creditor(s) of its findings. The question you need to ask yourself, of course, is whether or not the death of your loved one is among the 42 percent of deceased individuals who make it into the DMF.
If your child encounters a criminal savvy in cloning, your child will be best prepared to handle the situation if he or she has been taught to never provide personal information, and to defer the questions to his or her parents. This is easier said than done, but when a child feels uncomfortable, the best policy is to seek a trusted known adult. If this fails, then you should teach your child to come to you as soon as possible and inform you of exactly who was asking questions of him or her, and what information was released. If you have even the slightest suspicion that your child’s personal information or identity has been compromised, contact a credit reporting agency immediately, and request that a ninety-day fraud alert be placed on your child’s name and personal information.
Question #21: How do telephone callers and scams put my child at risk?
Anytime your child speaks to a stranger on the phone, there is a danger that he or she will reveal information that can be used by thieves to cause financial or physical harm. Scammers often say they are taking a survey, calling on behalf of a school, or calling from your banking institution. The caller may say that he or she is calling from a government agency, or advising that you have won a contest. There are ways you can reduce the number of phone calls you receive, and decrease your odds that phone call scammers will target your children.
The twenty-first century has brought an influx of high-tech cell phones, high-speed BlackBerries, and smartphones. These are in addition, of course, to our business and household telephone services. The question of when parents allow their children to have cell phones or sm
artphones is a family decision. Whether you allow your child to have a phone or not, teach your child what information is appropriate, and not appropriate, to release when talking to someone on the phone.
When the phone rings, a con artist may tell your child they could win an iPod for taking a survey. Another may say they are notifying your family that you have won money in a lottery, even though you cannot remember entering. A scammer may even try to sell you something at a price you cannot refuse to ignore because it is “the lowest available,” or it “will only last a short time.” Do not allow a scammer to convince you, or your child, that it is acceptable to release personal information over the phone for any reason. Teach your children the lesson of life that if the offer seems too good to be true, it is.
Most scam callers call home phones because residential numbers are easiest to obtain. Screening your calls with caller ID is great, but not foolproof, due to vishing, which is explained in the next question. When talking on the phone, remember that you cannot verify to whom you are speaking. Telemarketers calling your phone could be anyone, of any age, gender, or nationality. There is no absolute way to verify who the incoming caller is, or establish, before answering the phone, the reason they are calling. My question for parents is this: if you cannot verify your caller, how could you expect your child to? Protect your child by teaching him or her not to answer the phone when they do not recognize the number displayed on caller ID. Explain to your child why it is not wise to release any personal or family information to strangers on the phone, regardless of who the caller claims to be.
Protection from scammers, and unwanted telemarketers, begins with visiting the government’s Do Not Call list at www.donotcall.gov. On this website, a consumer can list his or her telephone numbers for their home, cell phone, BlackBerry, and smartphone. Registration at the Do Not Call website is free, and it provides protection from telemarketers after the number is placed on the list for thirty-one days. Should you receive telemarketing calls after the thirty-one-day period, the same website is your avenue for filing a complaint.
Other mechanisms can help you protect your child and your family from unwanted or threatening phone calls. Two specific methods are “traps” and “traces.” Getting these started requires a call to your phone company. A trap can be set on your phone line for two weeks. Traps trace the origin of unwanted calls. The drawback with traps is that you are required to keep a log with the dates and times of each individual call.
A trace requires no logs and will accomplish the same result; however, it is not free. The cost of a trace will vary from one telephone company to another. All you are required to do is dial *57 after receiving the call, and the incoming call is traced. Note, though, that a trace will only work for calls coming from your local phone network area. Once a concerning call is answered, hang up and dial *57. The local phone company is able to capture the caller’s information. Though the information cannot be released to you, you may provide written authorization to your phone service provider to release the call information to the proper authorities for investigation. If your child is receiving concerning phone calls, contact your phone service provider for additional information regarding traps and traces.
Question #22: Why are vishing, spoofing, and smishing so dangerous?
Vishing refers to a method of information-gathering using “voice over Internet protocol” (VoIP). A child identity thief will use a VoIP line on a computer to make a phone call to target and victimize your child; such calls are difficult to trace. I mentioned in a previous question that you cannot fully verify the caller when using a caller ID system, and this is true. Even with caller ID telling you that it is a phone number, such as your child’s school, church, or doctor’s office, it could be a trick because of vishing.
Coupled with vishing is “spoofing.” Spoofing is using a computer program or downloadable cell phone application to intentionally change the display on someone’s caller ID or cell phone. A call could be generated across the street or around the world. When using VoIP, it is easy for a thief to represent himself or herself as legitimate and “spoof,” or intentionally change, the caller ID to say they are someone else, a business, or a government entity (i.e., social services, a utility company, your local school, a department store, the police department, a federal agency, etc.).
Absolutely anyone can spoof. Anyone online can access the fee-based system and pay to spoof a call. Websites such as www.spoofcard.com and www.spooftel.com allow you to buy spoofing minutes to spoof your friends, family, or anyone you desire. You can spoof a home phone or cell phone. Spooftel even advertises that you can share your minutes with your Facebook friends.
In addition to vishing and spoofing, there is “smishing.” Smishing, according to the Federal Bureau of Investigation (FBI) website, is a combination of SMS (short message service) texting and phishing. The example provided by the FBI is someone texting you saying that they are your bank and advising that there is a problem with your account. The text provides a telephone number for you to call. When you call the number and provide the required security number, the thief drains your account. Children can be fooled the same way. Thieves can text children stating they are from the cell phone company and need a return call to verify personal information in order to keep the phone from being disconnected We must teach our children not to reply to such requests for information, as the thief is playing on their fear; if I do not call back, my phone will be cut off.
Other sites go even further. SpoofAPP (www.spoofapp.com) allows you to spoof from your cell phone. Kids with this application can spoof other children, or be spoofed by adult thieves posing as children. SpoofAPP offers you the ability to change your voice to disguise yourself and sound like someone else, which is frightening. An additional application from SpoofAPP allows you to record all calls and play them back later. The bottom line for parents is that you do not know who is calling your child, or what they are doing with the information they are obtaining.
The mechanisms of vishing, smishing, and spoofing are often used in con scams in conjunction with computer random phone dials. In this scam, thieves use “war dialers” to computer call randomly selected telephone or cell phone numbers. It may be programmed as a single call, or the computer may be calling multiple numbers at the same time.
If your child responds to a vishing telephone message, text, or SMS, be prepared for the caller to request detailed personal information from your child for “security” reasons. Why do they do this? Well, before the call or text, your child was an unknown individual randomly selected. Once they answered the phone, or responded to the incoming message, your child became a “mark” or target for identity theft.
Spoofers using vishing and smishing will ask questions such as your child’s name, address, date of birth, Social Security number, and possibly even your child’s school information. If the spoofer asks for partial information, they may direct you to another department or office, which will actually be another spoofer sitting next to the identity thief. The spoofers work in unison to collect as much information as the child will release. Once the spoofers put it all together, they have your child’s entire identity. As you can see, cons and scams have the potential to be complicated even for adults. Imagine being a child in today’s society.
Question #23: How can information stolen at an ATM compromise my children?
We all know how someone who sees you key your personal identification number (PIN) into an ATM can ultimately steal money from your bank account. Once a thief has your PIN, what does she or he really have except a set of numbers? To complete an illegal transaction, the thief needs your ATM card or the information from your card’s magnetic strip. In this question, you will read ways to better protect yourself against theft during a visit at the ATM.
Thieves often target ATMs for robbery. The crime is often viewed as a “holdup” as soon as you get the cash out of the machine. An easier crime for savvy criminals is to watch an ATM for someone who plans
to make a “quick visit.” As the person hurriedly exits the car, the thief jumps into action, opening the car door and stealing what you have left unsecured within an arm’s reach. The majority of the time, it is a purse or wallet containing confidential identity information.
When you discover personal and family items missing, the reality of cleaning up the identity theft mess may escape you. Beyond contacting your credit and bank card companies to advise them of the theft will be an entire new reality that someone has your personal and family information. The most realistic approach to this is to stop what you are currently doing, bookmark this page, and go get your purse or wallet.
When you have your purse or wallet, take out the contents and tell me what you see. Most will have a driver’s license, ATM card, credit cards, and membership cards. Nearly everyone has photographs of family. What is as important as the photo on the front is the information usually written on the back. Did you write the child’s name and age? If you did, then a thief has your child’s name, age, and from your license, your child’s address.
Do you carry your child’s Social Security card in your wallet? How about their prescription or health care card? Do you have your child’s school ID or school photo? All of this is information that child identity thieves desire. It may be hard to believe, but the reality is that you might not have been the target of theft in the first place; it may have been your child’s information they were after.
ATM thieves usually vary in their sophistication. The lower end of savvy criminals may “hold you up,” while the more intelligent thieves may use ATM card skimmers to simply steal your information as you swipe your card, later to be used to drain your accounts once you leave. Both are a violation of your privacy, and each has repercussions.