Tag: identity theft

Legal Identity Theft

Lisa was researching diapers online. She came across an offer that promised free diapers if she’s fill out a survey. Fair enough; we’re really in need of diapers, so she bit. And was dragged into a horrible cesspool of legal identity theft.

“Legal identity theft? What’s that?” you may ask. Here’s my definition: It’s when you’re tricked into a network of so-called permission-based marketing. Lisa gave up her name, phone number, address, e-mail address, and some important personal facts, such as the fact that we’re parents and the age of our child. She thought such information would be helpful to the diaper company, who would reciprocate with a little bit of free product. Sound too good to be true? It didn’t to us. But it was.

After giving out her contact information, Lisa found out that she had to sign up for a certain number of paid offers to qualify for the free diapers.  These offers ranged from other baby products to life insurance.  Some were subscription-based, and claimed to offer free opt-out options.  That last claim rings a bit hollow to my ear.  Within 30 minutes, she received the first phone call on her cell phone, this one from a life insurance agent who was insistent that she sign up for a special offer.

Your contact information is worth something.  Specifically, about $40.  That’s an average for people who sell data to purveyors of generic mailing lists.  Other qualifying factors, such as parenthood and home ownership, can raise that premium.

There’s also a black market for identity information, and by most accounts it’s cheaper to buy your data (this time incuding credit card numbers and bank account numbers) on this market.  Makes me wonder when marketeers will start going to the dark side for cheaper info.

Be careful what you sign up for, folks.  I read the privacy disclosure on a recent credit card statement (the fine print, if you will) and discovered that I need to opt out of Bank of America sharing my contact info with other companies.  They have a special phone number you need to call if you don’t want your data shared.

My identity was almost stolen – again

Two phone calls today.  I answered the second one.  302 area code.  It was an automated system claiming to be the Bank of America fraud protection department.  The automated system wanted me to verify my social security number and address.  My eyebrow raised, I got the tinfoil hat out of my wallet, and I prepared to put it on.  “Not quite yet,” I told myself.  I hung up the phone.

I got my laptop out and checked my e-mail.  Two e-mails, both claiming to be from Bank of America’s fraud protection folks.  The URLs check out; not a phony URL, but a Bank of America subdomain.  Hm, wierd, I thought.   They want to verify some transactions for an account number that doesn’t look familiar to me.  There’s a phone number in the e-mail.  I called.  Big phone system, kept me on hold for like 9 minutes.  Kept reminding me that my call is important to them.  It felt like I was talking to a bank.

Nice-sounding guy answered the phone.  He asked me to verify some information.  I gave him some.  Billing address; no big deal.  I told him I was calling about an account number that didn’t look familiar to me.  He said Bank of America is merging with MBNA and I’ll be getting a new credit card number.  This was it.  I hit the Google while we talked and verified that Bank of America is, in fact, merging with MBNA.  Ok, this seemed legit.  I told him I wanted him to verify for me that he’s actually Bank of America.  He told me I could call the number on the back of my card if I was nervous.  That allayed my suspicions.  He asked for some more information.  I gave it.  Then he asked for the names of some of my closest relatives.  Alarm bells went off.  I dove for figurative cover, got my tinfoil hat out and put it on, and nervously said, “I, uh, don’t think I’ve ever given Bank of America that information.  It shouldn’t be in my account record.”  He said that Bank of America is a big organization with the capability of finding out such information.  I hung up.

When I talked with the real Bank of America people (I actually called the number on the back of the card), they said the whole thing sounded fishy.  I verified my last few transactions, with information flowing both ways.  We determined together that I hadn’t given out enough information for anyone to access my accounts, so they’re not in any direct danger.  But I was, and still am, scared.

These people are good.  They got my personal cell phone and e-mail address, crafted some very convincing-looking e-mails, web sites, and phone calls,  treated me professionally like a bank would, knew the latest in banking business news, and reminded me at all turns to keep my personal information safe.  They even had a phone tree, for goodness sakes, that contantly reminded me that my call is important to them.  If these people are setting up a fake banking operation, they’re doing a darn good job of it.

I thought I was the last person to fall victim to a scam like this.  But the scams are getting better.  Please be careful, friends.  If you have any questions, initiate contact with your bank by making a phone call to a trusted number or by going DIRECTLY to the bank’s web site.  That means not clicking on a link in an e-mail and not calling a number you’ve never seen before.

And don’t forget your tinfoil hats!