Internet identity theft: Minimizing the risk

By Don Knapp
CNN Correspondent

April 17, 1998
Web posted at: 12:05 p.m. EDT (1605 GMT)
(Original: http://cnn.com/SPECIALS/views/y/9804/knapp.hackers/index.html)

[Captured from the net 4/30/98 in case the page goes away -JumpDevGrp]

SAN FRANCISCO (CNN) -- It's very scary, this notion that some invisible computer hacker can stalk you through the Internet, pry into your private life, steal your identity and rob you blind.

It's also intriguing, and a favorite theme for techno-thrillers at the box office. Remember "War Games," in which a teen-ager hacks his way into a Defense Department control center and nearly sets off World War III? Or the desperate struggle of the heroine in "The Net" to recover her identity?

But hackers, of course, target everyday people, too, and that raises questions about just how vulnerable we may be when we log on.

Cal Oberst played games on his computer, but he never surfed the 'Net. Still, others who did were able to find and buy some of his most private information. One used his Social Security number to run up $35,000 in bank and credit card charges in just one month.

"Used to be, in my age bracket your Social Security number was very, very private, something you protected," Oberst said. "In this day and age, it's either tattooed on your forehead, or even a more personal place."

Bronti Kelly couldn't figure out why he had such a tough time getting a job. He ended up homeless before learning the reason: bad information obtained on the Internet by prospective employers labeled him a shoplifter. Kelly sued the May Company for the erroneous shoplifting report and won a $73,000 award.

Both Kelly and Oberst were victims of high-tech identity theft. They told their stories in Sacramento this week, in support of a bill by state Sen. Tim Leslie designed to increase penalties for such crimes.

It's one of a growing number of privacy measures in state legislatures across the country. About 50 have been introduced in Congress.

Low-tech stealing still the norm

But while stories about high-tech identity theft capture our imagination and the headlines, experts say the majority of such crimes still happen the old-fashioned way: someone steals identity information from readily available documents.

Only about 10 percent of such crimes occur using the Internet, according to Beth Givens of the Privacy Rights Clearinghouse.

'It's far too easy'

Terri Werner routinely put her Social Security number next to her name on tax forms she prepared for clients. That was all someone needed to steal her identity, and run up $5,000 in bogus credit card charges.

"It's far too easy" to steal someone's identity, Werner said.

Once the thief had her Social Security number, it was fairly easy to get her credit report. Werner didn't learn of the theft until she tried to refinance her home.

The police seemed to take little interest in the case, as Werner saw it, because it was not a high-profile crime. And the credit card companies seemed content to accept the loss, she said, as part of the cost of doing business.

Werner spent a year trying to undo the damage, even taking days off work, and ended up with a fat file of documents: certified mail, police reports and court records.

When the woman who took Werner's credit identity was finally caught, she served just 45 days at home.

Werner's year-long battle cleared her name and restored her good credit. But she still scours her credit report every few months to make sure no one is out there using her good name.

Identity theft small change to credit industry

 

The cost of stolen identities now runs to about $2 billion a year. Within the trillion dollar-a-year charge card industry, that's small change.

The losses amount to about eight cents for every $100 charged, according to Experian, the credit tracking firm formerly known as TRW.

And the bundle of legislation aimed at stopping identity theft is a kind of security threat in itself, as the credit industry sees it.

"We want to go after the people that are using the information to hurt, but not close up the information to the press and the public, so we know what's going on, so we're not a secret society," said Jerry Casale of the Direct Marketing Association.

Thus far, victims such as Oberst, Kelly and Werner have had to play major roles in the investigations that caught the culprits. But that takes a lot of time, effort and awareness of how to proceed that many identity crime victims may lack.

Even new laws by themselves won't solve the problem, until law enforcement agencies begin to see identity theft as a serious crime, and corporations begin to see their losses as something more than a necessary business expense.

<END>