Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Security

Identity Thieves Not Big On Technology 94

Posted by kdawson from the not-much-hacking-involved dept.
alphadogg sends us to Network World, as is his wont, for a summary of a new study of identity theft based on the outcomes of more than 500 Secret Service cases from 2000 to 2006. Here is the study report (PDF). The AP has coverage emphasizing other slants on the findings. Among the surprises: just 51% of convicted ID thieves were sent to prison. Only 20% of the cases involved use of the Internet, and such cases may be on the decline. More perpetrators used good old-fashioned dumpster diving and stealing stuff out of mailboxes.
This discussion has been archived. No new comments can be posted.

Identity Thieves Not Big On Technology More

Identity Thieves Not Big On Technology

Comments Filter:

  • Lies, Damn Lies, and Statistics... (Score:5, Insightful)

    by gbulmash ( 688770 ) * <semi_famous@yah o o . c om> on Tuesday October 23, 2007 @08:06PM (#21093577) Homepage Journal
    From the AP article: "The Federal Trade Commission has said about 3 million Americans have their identities stolen annually." And this study covers 517 cases over 7 years (2000-2006). I'm sorry, but I can't see a study of 517 cases during a period of approx. 21 million crimes providing really useful data.

  • Did they catch everyone? (Score:1, Insightful)

    by Anonymous Coward on Tuesday October 23, 2007 @08:17PM (#21093699)
    Maybe those who use high tech did not get caught?

  • You're making a poor assumption (Score:5, Insightful)

    by Chmcginn ( 201645 ) * on Tuesday October 23, 2007 @08:40PM (#21093943) Journal

    The 99% margin of error on this study is about 5.5% (e.g. there is a 99% chance that the real percentages are within 5.5 points of the reported percentages). If the sample size were 1000, we would see a margin of error of 4%, and a we'd need a sample size of 10,000 to give us a 1.2% margin of error.
    This assumes that the cases taken were representative of all cases in the United States, and were randomly selected out of the pool of available cases. Considering that the Secret Service only gets involved in certain cases of identity theft, this is probably an incorrect assumption.

  • Re:Three words (Score:5, Insightful)

    by stefanlasiewski ( 63134 ) <(moc.ocnafets) (ta) (todhsals)> on Tuesday October 23, 2007 @08:41PM (#21093945) Homepage Journal
    A shredder doesn't help when a credit card company delivers a pre-approved credit card offer, or when the community college uses your SSN as your 'Student Identification Number' on a freshly printed postcard.

    If Credit Card companies really cared about identity theft, then why do they mail out millions of unsolicited, pre-approved credit card offers every year? Even if someone signs up for the 'opt-out' list, some unscrupulous lenders will ignore the list and send unsolicited offers in the mail.

    What percentage of identity theft occurs from someone stealing one of those little envelopes, I wonder.

  • Alternate explaination: (Score:5, Insightful)

    by Anonymous Coward on Tuesday October 23, 2007 @08:42PM (#21093961)

    Only 20% of the cases involved use of the Internet, and such cases may be on the decline.


    Law enforcement is becoming less and less effective at identifying and prosecuting electronic identity theft. After all, only 20% of thieves who got caught used the internet.

  • Re:Three words (Score:3, Insightful)

    by greg_barton ( 5551 ) * <greg_barton@yaho ... m minus math_god> on Tuesday October 23, 2007 @09:12PM (#21094187) Homepage Journal

    What percentage of identity theft occurs from someone stealing one of those little envelopes, I wonder.

    That's why, when you get 'em, you shred 'em.

    Security is not absolute. It's always about probabilities. You reduce the chance of a breach, but you can never make it absolutely impossible.

  • Mod parent up! (Score:4, Insightful)

    by khasim ( 1285 ) <brandioch.conner@gmail.com> on Tuesday October 23, 2007 @09:12PM (#21094193)
    From the pdf:

    Source of Data
    The data for this study was collected from United States Secret Service closed
    cases with an identity theft component which were opened and closed between
    2000 and 2006. The staff at Secret Service headquarters selected the cases for
    the research team, based on the primary and secondary case codes that Secret
    Service uses to classify its cases.

    That seems to indicate that only cases that had been SOLVED were used in this "study".

    Of course, which case would be easier to solve?

    #1. Someone in Russia stealing your ID via a keylogger installed on your workstation.

    #2. Someone in your apartment building breaking into your mailbox.

  • Re:Three words (Score:0, Insightful)

    by Drakin020 ( 980931 ) on Tuesday October 23, 2007 @09:22PM (#21094249)
    That doesn't exactly prevent people from taking it out of your mailbox before you get to it first.

  • You aren't taking the long view. (Score:5, Insightful)

    by khasim ( 1285 ) <brandioch.conner@gmail.com> on Tuesday October 23, 2007 @09:23PM (#21094253)
    The big money is not in taking cash out of someone's account and hoping that they don't notice.

    Here, you know what databases are, right? Think of a database of every possible Social Security Number.

    Then, think about a criminal organization filling in the information they can find from various sources.

    SSN - FName - LName - DoB - MomMaiden - Address - SpouseLink - Child1 - Child2 ..... BankAccnt1 - BankAccnt2 etc

    Fill in enough of that information and you can use it to get info on the numbers you don't have filled in.

    Now, they are you, as far as any financial institution is concerned. They can take out a second mortgage on your house. They can buy a car in your name. They can steal more from you than you have in any of your accounts.

    They can even try to cash out your 401k. They are you.

  • Wrong Statistic (Score:4, Insightful)

    by cale ( 18062 ) on Tuesday October 23, 2007 @09:48PM (#21094461)
    Looking at the number of cases closed is the wrong statistic. In combating the problem of identity theft, or online fraud in the larger sense, what really matters are the actual losses associated with each case.

    I don't really care if some mope dug through my dumpster, stole my credit card pre-approvals, and got caught using the fake card running up $200 worth of porn purchases. The case I worry about is the single criminal or criminal organization that systematically steals millions of pieces of credit card data and efficiently exploits each piece to the maximum extent possible.

    If the investigation of each of those scenarios is one case then they have equal weight under the statistic used by the article. In terms of actually combating identity theft the latter example and the resultant prosecution is much more important and effective. Unless they discuss the loss amounts associated with cases of each case, this statistic, the conclusions based on it, and the entire article are missing the point and not talking about actually fighting identity theft and are instead talking about looking like you are fighting identity theft.

    The other comments are completely on the money pointing out that this is only closed cases and the difficulty of actually closing an international investigation.

    All in all another wholly misinformed article about the real threat of identity theft and online financial fraud.

  • Re:Three words (Score:4, Insightful)

    by CodeBuster ( 516420 ) on Tuesday October 23, 2007 @10:26PM (#21094783)
    If Credit Card companies really cared about identity theft, then why do they mail out millions of unsolicited, pre-approved credit card offers every year?

    This would be a really easy one to fix with just a bit of legislation really. The consumer credit contract should be like applying for any other major loan, consumer signature required for contract to be valid or the contract is void and all claims arising out of it are also void (i.e. the credit issuer or backer shoulders all of the responsibility for loaning out money to a phantom that they couldn't verify). This would place all of the risk for verifying identity and preventing theft on the credit card issuers. Some people might complain that this would make credit harder to get for "deserving borrowers" but really the last kind of credit that those marginal borrowers need is yet another unsecured, high rate, short term borrowing instrument (i.e. the credit card). So what if credit is a bit more expensive because we actually implement security and sound verification practices? The easy credit binges are what brought us the housing bust, the subprime mortgage meltdowns, the dotcom crash and a host of other financial disasters. Do you help an alcoholic with a hangover by giving him another drink? Do we have to give pre-approved credit card offers in the mail to everyone who is breathing and has a pulse? Who needs it?

  • No surprise... (Score:2, Insightful)

    by amccaf1 ( 813772 ) on Tuesday October 23, 2007 @11:22PM (#21095191)
    No surprise that identity thieves aren't big on using the Internet. I mean, think of the risks of their putting personal information out on the 'net... They could have their identities stolen!

Slashdot Top Deals

This restaurant was advertising breakfast any time. So I ordered french toast in the renaissance. - Steven Wright, comedian

Close