This blog series is dedicated to sharing real-world stories of identity fraud and theft — and just how devastating these crimes can be on organizations, individuals, and families. Our latest post focuses on how analog, or non-digital identity theft scams, targeting entire families can lead to significant losses, and what you can do to guard against them.
It all began in 2014 when a major national bank sent Amy Wang a generic letter informing her that a now-former employee had sold some of her family’s Personally Identifiable Information (PII) to a third party. About the same time, Amy’s husband, an employee at a large hospital, learned that several coworkers had been hit by credit card fraud in a pattern that looked like a potential HR data breach.
Fast forward 18 months, and the Wangs start to receive credit card denials and store credit cards in the mail, as well as a string of department store bills for high-end designer purchases totaling more than $25,000 that they never made or authorized.
But wait, there’s more. In January 2016, the couple received a blank change-of-address form in the mail from the U.S. Postal Address. The form didn’t specify their purported new address, so Amy thought little of it. She only followed up two weeks later with her local postmaster after a concerned mailman alerted her to do so. At the urging of post office officials, the couple contacted the U.S. Federal Trade Commission (FTC) and filed a police report.
However, around this time the Wangs stopped getting all their mail — including end-of-year W2s, bank statements, tax forms, and college and retirement savings documents linked to their children. In fact, their mail was being forwarded to an unknown and nearly untraceable address at a housing complex about five miles away.
It took nearly two months for the Wangs to get their mail flowing properly, and during the ensuing weeks, untold amounts of the family’s PII was compromised. And still, the Wangs continued to tussle with the crooks, who attempted yet another change-of-address request, as well as an effort to access the family tax records with the IRS in a suspected attempt of tax identity theft.
Although they successfully froze their credit and disputed the fraudulent charges from the thieves’ five-figure shopping spree, the ordeal was nowhere near over for the Wangs. In addition to racking up late fees and penalties, it took them between 300 and 500 hours working to resolve the fraud, including many sleepless nights, and significant hits to their “productivity and emotional and psychological well-being.”
Breaking Down Analog Identity Theft
The Wang case highlights three key points about how non-digital (analog) identity theft can affect families:
- Methods can be low-tech. The criminals were able to change the Wangs address with the USPS during the most financially sensitive month of the year — January — when the family’s tax documents were being transmitted along with financial information. In recent years, a little more than half of the fraud reported has been linked to consumers’ “non-digital” personally identifying information. This means the fraud didn’t involve — or at least, didn’t start with — the thief exploiting some cyber vulnerability, according to a report from the University of Texas at Austin’s Center for Identity.
- Thieves are closer to your orbit than you think. Analog thefts include data retrieved from a stolen laptop, lost wallet, or pilfered mail — and can even include sensitive documents stolen from your trash. It also encompasses insider theft — such as familiar fraud, when identity theft is committed by a family member or friend, or employees at companies where you do business, who exploited their access to paper or digital records.
- Children’s information can remain dormant for years. Sophisticated identity thieves can be extraordinarily patient. If they are able to access the PII of a child, they often sit on that information until the child reaches the age of majority to begin the process of stealing their identity, opening fake bank accounts and credit cards in their name, etc. Or, they may use a child’s Social Security number to commit synthetic identity theft, the fastest-growing financial crime in recent years.
What Should You Do to Protect Yourself from Analog Identity Theft?
To avoid getting caught up by tax-related identity theft, the FTC recommends that you never provide a Social Security number (SSN) or Tax ID number on any online or paper applications or forms unless it’s absolutely required. According to an FTC release, an identity thief may use your SSN to get a tax refund or a job, and you may not know it has happened until:
- The IRS sends you a letter (always by mail) saying they have received a suspicious tax return that uses your SSN, or
- You try to e-file your return, but it’s rejected as a duplicate because a return has already been filed using your SSN.
Of course, if you think your sensitive tax information or SSN has been stolen, you should — just as the Wangs did — put a fraud alert on your credit reports, close any new and unfamiliar accounts opened in your name, and consider placing a credit freeze on your credit reports.
In addition, there are a number of IRS tax fraud and identity theft protection tools available from IdentityForce that can detect “change-of-address” attempts, including Smart SSN Tracker. To protect children’s identities, our ChildWatch service alerts parents of suspicious activity in their child’s emails, social media posts, and text messages. Finally, we offer fully managed identity restoration services from our Certified Protection Experts who can save you hundreds of hours’ worth of work dealing with the fallout while completely restoring your identity.
Get started with a Free Trial Today.