It was not uncommon for Janice Jackson to receive her neighbor’s mail. When her mail carrier was ill, his replacement, who was still learning the route, often put mail delivered to Jackson’s Staten Island, New York, address in her neighbor’s mailbox. Normally, Janice Jackson and her neighbor, Mona Jackson, would return each other’s mail — until Mona Jackson mistakenly received a pre-approved credit card intended for Janice Jackson and used it to withdraw cash from automatic teller machines. “I received a bill for a credit card I did not have,” says Janice Jackson. “I remember accepting the offer for the card several months prior to receiving the bill, but then I forgot all about it.”
Janice Jackson called the credit card company, which began an investigation. “They found out that the first set of bills were going to Mona Jackson’s apartment. It was frightening how easily someone could use a credit card that was in my name,” Janice Jackson says. The company didn’t investigate further, stating that the $600 cash withdrawal was not large enough for them to prosecute.
Up to 700,000 people were the victims of identity theft last year, according to the Identity Theft Resource Center. Identity thieves steal credit cards, write bad checks, buy cars, establish phone or wireless service in your name, and commit other fraudulent acts that damage your credit record and invade your privacy. They pose as loan officers, law enforcement agents, social workers, potential employers, and figures of authority in order to obtain sensitive financial information from their victims.
Another concern for potential victims is the threat posed by predators who dig through garbage cans for credit card receipts or bank statements. But those methods have been replaced. Today, technologically savvy Internet thieves obtain personal information by accessing passwords, exploiting security vulnerabilities, observing transactions on the Web, and by directly attacking servers. Online fraud losses for 2001 were 19 times greater than those resulting from brick-and-mortar sales. More than $700 million in online sales were lost to fraud in 2001, representing 1.14% of total annual online sales totaling $61.8 billion, according to GartnerG2, a research and analysis firm (see “Protect Yourself,” Techwatch, this issue).
In an effort to make cardholders feel more comfortable shopping online, most credit card issuers have eliminated all liability for Internet card fraud and have developed better security measures. Visa’s Verified by Visa and MasterCard’s Universal Cardholder Authentication Field (UCAF) are credit card protection systems with easy to use password-based applications. Visa also monitors participating e-merchants and Internet service providers for adequate firewalls and other data-protection devices.
The Address Verification System (AVS) has proven to be the most effective deterrent. AVS, a free service offered to vendors by the United States Postal Service, compares the billing address supplied online with the billing address on file at the bank issuing the credit card.
In response to the growing crime epidemic, many states have passed laws related to identity theft. Two federal laws, The Identity and Assumption Deterrence Act, enacted by Congress in October 1998, and the