Attorney Mari J. Frank of Laguna Niguel, Calif., received a chilling phone call in August. “How come you haven't made any payments on your $11,000 Toys R Us bill?” someone from the Bank of New York (BNY) asked.
Frank thought it was a crank call. “Who would ever spend $11,000 at Toys R Us?” she replied. The bank representative explained, “These are charges on a Toys R Us credit card from Bank of New York that was issued to you last October.” “I went, 'Oh, my God!' ” Frank says. “At that point, both of us realized it was fraud.”
Frank was luckier than most victims of credit-identity fraud, in which a person's name and Social Security number are used by crooks to obtain fraudulent credit cards. Her legal training had taught her where to find help, and in two days she had located the thief.
The culprit turned out to be a woman married to a policeman in Ventura, Calif., about a four-hour drive from Laguna Niguel. Posing as a private investigator, the woman, Tracey Lloyd, had gained access to Frank's credit report at Equifax Credit Information Services, one of the nation's three main credit bureaus, through a small service company with access to Equifax's database.
Federal law limits losses on fraudulent credit card debt to $50 per card. But that is often small consolation to victims. They must spend untold hours trying to determine the extent of their victimization: How many credit lines did the thief open in the victim's name? How much was charged, and where? Answers may not be forthcoming for months or years, if ever.
“Banks are quite a bit at fault,” Frank says, because “there's really no punishment for issuing credit so haphazardly that it causes these problems.”
Experts blame much credit-identity fraud on gangs of Nigerian con artists. After entering the United States on student visas, they say, the Nigerians hone their skills at “academies” run by their countrymen. “They are the pre-eminent credit card fraudsters in the world,” says David Robertson, president of The Nilson Report, a credit card newsletter published in Oxnard, Calif. “They are very, very slick.”
To carry out their schemes, according to Forbes, credit-identity thieves only need to “access one of the tens of thousands of computer terminals . . . wired to national credit data banks. Virtually every bank, insurance company, mortgage broker, stockbroker, auto dealer and department store in the country is on-line. The thieves can then punch up practically anyone's credit information - Social Security number, address and other personal data - including, of course, credit status. Then they're off to the races.”
In August, Federal Trade Commission staffers examined one such scam. It involved a man who went to a car dealer to test-drive a truck. The man had fake documents identifying himself as 'John Smith,' but he claimed to have forgotten his Social Security number. The salesman obligingly took the thief into his office, where he called up several John Smiths on his computer screen, each accompanied by a Social Security number. Randomly claiming one of the names as his own, the thief obtained a printout of the data about the man, who turned out to be a general contractor.
Thus armed, the bogus Smith “began applying for credit cards, telling the credit card companies that his actual address was his 'new' address and that [the legitimate John] Smith's address was his 'old' address,” according to BNA's Banking Report. “In this manner, the thief obtained more than $50,000 in goods and services charged in Smith's name, in addition to a [new] general contractor's license. Tracking down the discrepancies took [the real] Smith six months; correcting most of the discrepancies took a year.”
Robertson expects credit-identity fraud to persist, viewing it as an ongoing game of cat-and-mouse between criminals and the credit industry. “The criminals exploit an Achilles' heel, the industry patches it up and then the criminals locate another one.” But the situation has improved somewhat, he says: “It used to be the industry was one step behind these guys, but now it's trying to stay one step ahead.”
Newspaper and magazine articles on credit identity fraud have made the public more aware of the problem, as has the CBS-TV program “60 Minutes.” But increased knowledge has not brought peace of mind: “Unfortunately, we're all going to be looking over our shoulder too much as we enter the next century.”
Although credit-identity fraud may be impossible to stamp out, some precautions can be taken. Frank recommends that consumers write a letter to each of the three nationwide credit bureaus asking that they:
- “Provide me with a copy of my current credit report”;
- “Remove my name from any and all mailing lists and promotions to any entity”;
- “Do not change my mailing address or phone number without verification from me in writing”; and
- “Do not provide my credit report to anyone without my prior permission by phone, fax, or writing.”
Frank says she's still “furious at the banks.” In her view, they “just recoup their losses from credit-identity fraud by charging higher interest rates and higher annual fees. They consider it a cost of doing business, just like litigation is. It's a write-off for them.”
At the personal level, moreover, Frank is consumed by uncertainty. “I still don't know what else [Lloyd] did. I don't know if she took money from people, saying she's an attorney, and then skipped out on them. I don't know if she did anything that will get me in trouble with the Internal Revenue Service. I don't know if she went to a casino or a racetrack, won some money and then put it on my Social Security number. You see what I'm saying? All kinds of insidious things could still happen.”
Lloyd pleaded guilty in October to six counts of felony fraud. Sentencing is scheduled for Nov. 19. In the meantime, Frank is required to prepare a victim-impact statement.
“What's scary is that Lloyd gets a copy of it,” Frank says. “Knowing that makes the thing hard to write. I'm worried that if I describe my fears, and my kids' fears, she may get ideas about retaliating after she leaves prison.”