"I was an Identity Theft Victim..."

Thieves Rang up $250,000 Debt in Six Weeks John was a businessman on a business trip. He used his credit card for a client dinner - and a criminal in the restaurant copied the card, stole John's identity and ran up $250,000 in debt in just six weeks time.

Read this interview to learn how John:

  • Discovered he was a victim of Identity Theft;
  • Fought back against the thieves;
  • Changed his behavior to protect himself and his family from further incidents

TOM FIELD: John, how did you become a victim of identity theft?

JOHN: Well, what we believe to be the case, it seems on the surface to be fairly innocent. I went on a business trip to Florida and in the process had taken some clients out to entertain them, and as I opened up a tab to be able to proceed with that entertainment, the folks that were running the bar must have taken my credit card and created another impression of it and taken the security code off of the back of it.

TOM FIELD: Wow.

JOHN: And this was just a regular restaurant ,you know. Not unlike what you might do in any other situation being placed in that type of environment.

TOM FIELD: Now, how did you notice the crime?

JOHN: Interestingly enough, I had an account with Citibank, and that is the card that they seemed to have gone after initially, or that they had committed the fraud with initially, and Citibank had installed a great deal of business intelligence software into their infrastructure, and they had noticed that there were some anomalies in how my account reflected activity. And with that, too, realized that there were open accounts, and given my past history and payment methods realized that they weren't consistent with what the account was showing.

TOM FIELD: Well, that is great.

JOHN: So they proactively gave me a call.

TOM FIELD: Otherwise this could have gone on for a long time, and you might not have noticed.

JOHN: Not only that, Tom, but in a short amount of time, so in about six weeks time, the people that had compromised my identity had rung up about $250,000 dollars worth of debt.

TOM FIELD: Oh, my Lord. In just six weeks time?

JOHN: Yeah. And the way that they do it, Tom, just for those that might get the benefit of this conversation's background, is they reverse-engineered my Social Security number using a credit card and with that got access to a credit report. So, something that you would use to protect yourself they actually used to commit fraud. They then went back and realized accounts that had been opened as far back as 10 years previous, but that had no activity.

But what I have since come to realize is, if you don't physically call a company with whom you have credit and tell them after you are through utilizing that card for whatever reason -- you know, oftentimes you take organizations up on an instant discount and then pay the account off immediately, or whatever the case is, but if you don't close those accounts out and get a letter stating that has been the case, those accounts remain open. And with that, they went back and systematically went through those accounts where they could see the greatest benefit the most quickly, and with that opened up business accounts. They went to the likes of Wachovia and asked for cash advances, and those things are processed so quickly that before anybody could catch up with what was happening they were out the door with the live check that was cashed, and that was that.

TOM FIELD: Wow. John, ultimately how did you fight back?

JOHN: Well, Citibank was very useful in the process in terms of resolving the issues related to their card specifically. But as I, you know, sort of referenced, it went far beyond just the Citibank card. So, ultimately what I had to do was make contact with all the credit agencies and put an immediate hold on any of my accounts and added an additional layer of security, which they will do in these circumstances. This requires additional levels of authorization to either open up an account or to utilize any of the accounts that you have active. So, that was the first thing.

The second thing was filing a report with your local, or in this case my local, police station. Sounds kind of awkward because, you know, at that point you really don't know where the point of compromise was. But I am told that that is standard procedure. So, the next thing was going to the local department and filing a police report, and to the best of my knowledge letting them know what I believed may have happened.

The third thing I did, because initially I was unclear as to how my identity had been compromised again, was I installed a mailbox at my home that locked. Because what I have come to find out is that another way that your identity is often compromised is that people will go around and pick up mail with pre-approved credit card offers and so forth; they are able to open up accounts quickly and just change the forwarding address to an alternate address than your own.

From there, I was fortunate through some business to have some contact with some people in the Secret Service and got their counsel. But through this process, and it is amazing because though it is clear through the likes of Citibank that there has been fraud committed, you have to prove yourself to the rest of the world and to the reporting agencies, to the credit bureaus. So, by going through the process of seeing the police and doing that freely and reaching out to anybody, the Secret Service and so forth, you establish more credibility when it comes to calling into question those charges that you are saying you are not responsible for.

TOM FIELD: Sure. Now you said it took about six weeks to ring up $250,000 dollars worth of damage. How long did it take to undo all that damage?

JOHN: Probably six months or more. And when I say six months or more, the phone calls, the amount of effort behind it was constant. Fortunately, once you start to establish a rapport with people that are trying to help clear up the situation, they tend to get proactive in contacting you when new accounts are open and they identify that situation so that you can start to write the letters and make the phone calls necessary to start to challenge those charges and to have them taken off of your credit reporting.

TOM FIELD: You talked before about how you put a locking mailbox at your house, which is a good step. How else has this experience changed your behavior, if at all?

JOHN: Well, both myself and my wife pull annual credit reports and review them to make certain that there has been nothing added that we haven't authorized, even though we have put additional measure on both of our credit bureau reporting services. I would say in addition to that, anything that was outstanding -- because when you pull up your credit report you realize that there are a lot of aliases. There are, you know, inappropriate configurations on how your name appears ,and sometimes they will add the middle initial to your last name and so forth. But we just made sure that absolutely any detail associated with my credit and with my wife's credit in this case now was 100% clean and in accordance with what we wanted and with what we deemed was authorized by us. And again, it involves a great deal of working with the credit bureaus. Typically though, if you work one, the information that is translated to one of them ends up being transferred to the other two, which is helpful and efficient.

TOM FIELD: Good.

JOHN: Other than that, we have also recently investigated the services that are out there that guarantee that they will continually update the status of your accounts and protect you against identity theft in the future.

And then of course, it is spreading the word. You, Tom, I am not sure that you have got both of your parents with you, but one of the things that occurred to me is folks like my parents, probably haven't looked at a credit report in 10 years because they really don't have a need to.

TOM FIELD: Sure.

JOHN: And I have got to believe that people just like them would be primary targets for those that are committing this type of activity.

TOM FIELD: Well, you are right. The elderly and the young as well because, you know, you've got a young child, often you get a Social Security number for the child and that makes them vulnerable.

JOHN: That's right. And in the state of Massachusetts that process is immediate. As soon as they are born, the Social Security request comes with their birth certificates for the most part and they are issued a Social Security number.

TOM FIELD: Now you continue to travel for business. Has it changed your behavior at all when you are entertaining clients, going in and out of hotels? Because the cards are always being passed around.

JOHN: It has. I have really--the other thing I have really altered my behavior in the number of cards that I keep. So I am fortunate that I have got a great credit rating. I whittled down my activity to two primary cards. There is a card that is linked to my personal money market and checking accounts, and that card is used very selectively and it is used in what I feel to be, you know, perceive to be, more controlled environments. When it comes to travel, I exclusively use the same Citibank Visa card that I had for years past because I know that they have invested in business intelligence infrastructure to help detect things, and they have also got the functioning support system so that those that experience this type of unfortunate activity have somewhere to go and a resources that they can lean on to help clear things up.

TOM FIELD: Well, that is great. John, any advice for people who think that they might be at risk of identity theft? What is the first thing they should do?

JOHN: First thing I would say is to contact the credit bureaus and to start to call any open or active accounts that you have a credit card link to and make sure that you put alerts on those cards. Don't take for granted that just by making the call to the credit bureaus that you are getting the benefit of all of the opportunities and assistance and programs that are available out there to help protect your identity.

What I have come to find is that each individual organization has started to or has already formed their own support system for this type of fraudulent behavior because it protects them as well. So I would definitely make those calls and take advantage of that.

The other thing is, you know, don't hesitate for a minute to start to build your own credibility because in this circumstance you are a victim not only in the fact that, you know, you are violated and that someone has assumed your identity, but you feel like you are a victim because you have to prove your innocence to the people that you may have had service through and shown good and consistent payment patterns with over the course of time. They are not all going to treat you like a Citibank might by looking at your history and realizing that something might be inconsistent and raising a red flag. Oftentimes you have got to prove that you have not done something wrong and that you are just trying to write off debt that you don't want to be responsible for.

TOM FIELD: Sure.

JOHN: And then finally I would say, don't leave any stone unturned when it comes to getting your own identity in order. Take the necessary and appropriate steps, as painstaking as it might be to make the phone calls, write the letters and be certain that the identity that you've got established is the identity that you approve of and that there are no even minor anomalies in how you are identified through any systems. Because that is how the people that are behind these types of schemes tend to get away with it.

TOM FIELD: Well, John, I am sorry you were victimized, but you have become an excellent spokesperson. I really appreciate your time and your insight today and your willingness to tell your story.

JOHN: Oh, it is my pleasure, Tom.

TOM FIELD: I've been talking with John, and the topic is identity theft. I'm Tom Field for Information Security Media Group. Thank you very much.


About the Author

Tom Field

Tom Field

Senior Vice President, Editorial, ISMG

Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world, as well as ISMG's series of exclusive executive roundtables.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.