Identity theft – the fastest-growing crime in the United States – is already being used by international terrorists as a vehicle for raising money and laundering it, but law-enforcement officials fear the situation could worsen to crisis proportions as the crime becomes increasingly widespread.
The issue hit home last week when the FBI released photographs of five men suspected of illegally slipping into the U.S. from Canada. Although authorities this week concluded that the tip they received about the men was a hoax, the incident raised awareness about the issue of terrorists using fake identities to enter the U.S.
U.S. law-enforcement authorities have acknowledged the existence of a large identity theft and fraud network that could have links to terrorism.
Identity theft is a relatively new crime – basically unheard of just a few years ago. But law-enforcement authorities say you will be hearing more and more about it in the months and years ahead.
Aberdeen Group, a leading market analysis and positioning services firm known for its forecasts about business and technology trends, predicts identity theft will multiply three-fold in 2003, from a crime resulting in losses of about $8.75 billion last year to one topping $24 billion this year.
The Federal Trade Commission received almost 120,000 complaints related to identity theft by last September, compared with 85,000 complaints filed in all of 2001.
In November, identity theft was in the headlines with the arrest of Phillip Cummings in a $2.7 million ring, considered the largest instance of financial loss from the crime in the history of the United States. Cummings, a former employee of Teledata Communications, a Long Island-based software company that connects financial institutions with the major credit bureaus via the Internet, is alleged to have pilfered more than 30,000 passwords used by financial institutions like Washington Mutual, Ford Motor Credit and Cleveland-based Dollar Bank, to obtain the credit reports of their customers online. Cummings is said to have then sold these passwords, for $30 each, to a partner who downloaded and sold the 30,000 credit reports to a gang of 20 ID thieves in New York. The group is believed to have used the info on the credit reports to take over a number of consumers’ checking accounts, while also setting up credit-card and brokerage accounts in the consumers’ names.
But authorities fear much bigger scams may be in the works. Last month, for example, enrollment and claim files of more than a half-million beneficiaries of the U.S. military’s managed-care network across a 16-state region were stolen.
Missing are computer hard drives with names, addresses, phone numbers, Social Security numbers, claims data and other information on every beneficiary enrolled in TRICARE through TriWest Healthcare Alliance Corp., the managed-care support contractor for the Central Region.
The Central Region is composed of Arizona, Colorado, Idaho, Iowa, Kansas, Minnesota, Missouri, Montana, Nebraska, Nevada, New Mexico, North Dakota, South Dakota, Utah, Wyoming and western Texas. Among potential victims of one of the largest identity-theft cases in recent memory are tens of thousands of active-duty service members who are listed as sponsors to family members. The threat of financial mischief through credit-card applications, access to e-mail, rerouting government checks and false identifications is clear.
But the stolen data also would seem to create risks to national security and to personal safety, in light of the war on terror.
The break-in occurred Dec. 14, when a thief or thieves stole every hard drive out of TriWest “servers” used to store enrollment and claims storage. TriWest for the past year has housed its servers in industrial park offices in northwest Phoenix.
The FBI, Defense Criminal Investigative Service and other law-enforcement agencies are investigating the incident.
The FBI has called for greater international cooperation to combat identity theft. Certainly, police forces across the U.S. have been overwhelmed by the phenomenon, which surfaced in the early 1990s.
What is truly scary about identity theft is how easy it is. At the simplest level opportunistic thieves pilfer mailboxes – sometimes brazenly trailing postal workers – and rubbish bins, searching for bank and credit-card details, and other information. Once thieves acquire a name, an address, a phone number or, best, a Social Security number, they can construct a fake identity and acquire bogus driver’s licenses, credit cards and bank accounts. Some thieves assume multiple identities, dumping them when credit dries up. Today, identity theft takes myriad forms. Modern thieves are more likely to pick through massive digitized databases, often accessed by hackers using the Internet.
Most cases are far less sensational than the TriWest heist or the Cummings fraud ring.
A former manager of an H&R Block office in White Plains, N.Y., and three of her friends have been charged with running an identity-theft ring that used the names of H&R Block customers to obtain credit cards illegally and steal thousands of dollars in cash and merchandise. Some 27 customers were victims of the scheme between July 2001 and the spring of 2002, according to a complaint by the U.S. Attorney’s Office in New York. William Kezer, the chief postal inspector in the New York region, said some 750,000 people a year are victimized by identity theft.
Often government databases are the easiest to penetrate. For instance, a security glitch on Pennsylvania’s civil-service website left exposed confidential information about thousands of people. It was discovered by a former engineer applying for a job. The error could have allowed more than 2,400 people who filed online for state civil-service jobs between Dec. 16 and last week to view the resumes of the 54,000 applicants who used the site since it opened in August 2000, according to state officials.
And getting the information necessary for identity theft doesn’t even require high-tech expertise. The U.S. Postal Inspection Service is offering a $2,000 reward for information leading to the arrest and conviction of the person who took hundreds of pieces of mail from St. Cloud, Minn., mailboxes. Dozens of pieces of mail were found Christmas Eve in ditches and roads around south St. Cloud, according to police. The mail appears to have been removed from boxes after it was delivered. It’s a crime that inspectors see more in the southern United States and metropolitan areas, according to postal inspectors. But now it is hitting even rural areas in the Midwest.
The disturbing rise in this crime has left people wary of using their own old-fashioned, drop-lid mailboxes. Many are now placing their payments and other sensitive mail in the postal service’s blue mailboxes to try to keep one step ahead of the bad guys.
But what about the connection to terrorism?
The FBI’s new No. 2 agent in Mississippi recently said he wants to use lessons learned from domestic criminals against foreign terrorists.
“We want to go after persons using false identification, low-level fraud schemes and identity theft,” William Jenkins told the Memphis Commercial-Appeal. “These are methods by which terrorists fund themselves and disguise their activities.”
Meanwhile, according to a new study, Islamic groups across Southeast Asia sent up to 3,000 followers to Afghanistan and the Philippines to be trained as terrorists – with part of that training involving techniques of identity theft.
Zachary Abuza’s report, “Tentacles of Terror – al-Qaida’s Southeast Asian Network,” says most of the radicals committed themselves to religious war in their home countries – Malaysia, Indonesia and the Philippines.
“Most Southeast Asians returned and set about committing themselves to running jihads at home, recruiting followers in an attempt to create Islamic states governed by Sharia law,” the report says.
Abuza believes Osama bin Laden saw Southeast Asia as a region of great potential for recruitment and fomenting Islamic revolution because it includes a number of countries with weak governments, porous borders, identity theft and laundering, access to arms markets, and corrupt bureaucracies that give terrorists space to train and operate.
John Michael Hamdani is the Pakistani immigrant who gave the bogus information to the FBI last week about the five men who supposedly used fake IDs to enter the U.S. Authorities arrested him in October, suspecting him of being the head of an immigrant-smuggling ring in Ontario. His scheme allegedly involved $600,000 in counterfeit travelers’ checks, passports and other identification records.
But Canada withdrew a fraud charge against him after he made a brief appearance in an Ontario court. He is still being held because he faces a similar charge in the United States. The Ontario attorney general’s office refused to explain why charges against Hamdani were dropped.