Personal Web Data Theft Flourishing


Thursday, September 14th 2000, 12:00 am
By: News On 6


WASHINGTON (AP) — Bank account search: $249. Available around the country. Takes 10-18 business days.

Ads like this on the Internet are proliferating, experts say, despite a 10-month-old federal law prohibiting use of deceptive techniques to get people's personal financial data from banks.

Such techniques, notably ``pretext calling,'' in which people misrepresent themselves to obtain the private data of others from banks and other financial institutions, are flourishing, congressional testimony showed Wednesday. Pretext callers often pose as law enforcement agents, social workers, potential employers and other figures of authority.

How-to books teach foolproof methods of wangling financial information out of bank employees, discussion groups trading techniques abound on the Internet and there are courses in pretext methods.

``The techniques are becoming more complex and refined,'' Robert Douglas, a privacy consultant based in Alexandria, Va., testified at a hearing of the House Banking Committee.

Identity theft is one of the fastest-growing crimes in the United States, ensnaring some 500,000 people a year, the government estimates. The cruder methods, such as digging through people's trash for credit card receipts or bank statements, have been largely supplanted by more technologically savvy techniques. In the most advanced cases, hackers have been able to penetrate big corporations' databases and download credit card numbers and other data.

Some perpetrators use telemarketing scams to trick consumers into revealing personal data. An array of authentic-looking fake IDs, including Social Security cards, birth certificates and driver's licenses, are on sale online. While most victims of identity theft eventually recoup their lost money, the damage to their credit records and invasion of privacy can be terrible.

Compounding the problem, according to law enforcement officials, is the growing presence in this country of organized crime groups, notably Russian and Nigerian, that engage in large-scale identity theft schemes affecting Americans.

The result: hundreds of thousands of victims like Shon Boulden, of Hillsboro, Ore., who had his credit ruined after people using 12 different names used his Social Security number to open numerous bank and retail accounts and to get car loans.

Although the credit bureaus, such as TransUnion and Experian, have put fraud alerts on his account, ``they haven't done much to help me get rid of my bad credit,'' Boulden, 22, told the hearing.

In addition, he said, he recently learned that new people have been opening accounts using his Social Security number, even after the fraud alerts were in place.

``I fear every day that I won't be able to get this fixed and that I'll have bad credit for my whole life. As a young person, I need credit to get started in life,'' Boulden said.

It is easier than ever to get someone's name, address, date of birth, Social Security number, mother's maiden name and telephone number, often by buying it on the Web, experts say. Across the country, an army of information brokers and private investigators are said to be stealing personal financial data and selling it.

``Americans' financial privacy — indeed their very financial identities — are at risk as never before,'' said Rep. Jim Leach, R-Iowa, the Banking Committee chairman, adding, ``Law enforcement agencies need to take these crimes more seriously.''

In an earlier exercise, members of Leach's staff phoned several information brokers and private investigators around the country to see how many would sell them bank account information and under what circumstances. In less than three hours, the first 10 companies they reached were willing to sell detailed account data likely only to be obtained through deceptive means. None turned them down.

Legislation enacted last November that lets banks, securities firms and insurance companies enter each other's businesses includes a provision making it a federal crime, punishable by up to five years in prison, for anyone to misrepresent himself to obtain someone's private financial data.

———

On the Net:

House Banking Committee site: http://www.house.gov/banking