Search This Blog

Friday, February 29, 2008


GETTING INSIDE THE MIND OF AN IDENTITY THIEF


Several years ago I began thinking about what would happen if we didn’t take steps to protect the personal data we collected in the junk mail industry. At the time I was in charge of buying mailing lists for a West Coast catalog company, and also selling the list of our customers to other junk mail companies. The use of credit cards for telephone orders was gaining momentum, which meant we had the buyer’s credit card number along with his or her name and address. Although identity theft wasn’t a force at the time, it seemed to me that additional security for customer lists would have to parallel the supplementary private information we were asking for. And then I saw an acquaintance from the company’s data processing department walking out on a Friday afternoon with a magnetic tape (hard drives were in the development stages then) in his hands. I casually inquired what was on the tape, and he told me it was the catalog’s customers. Obviously feeling guilty about having the company’s source of income in his hands and at his residence for the weekend, he quickly added he had to deliver it to a third party for processing on Monday, and didn’t want to make the trip to the office first. It was then that I knew the junk mail industry was in trouble. Earlier I had had a taste of the problem when a large database compiler I worked for left tapes with private information lying around on tables unattended. I also witnessed the same thing over the years in computer facilities that were service centers for junk mailers. The only answer is that no one really knew the value of this personal data. At least not how to put it together with things like date of birth and Social Security numbers, along with name and address, which are the ingredients needed today to steal your identity. This is all a prelude to an excellent article I found recently from SC Magazine, titled: “You have to think like a thief to protect your data.” Which proves the point that we didn’t do our job in the 1970s,’80s and ‘90s in the junk mail industry to protect your names and personal data. And, based on the rash of data breaches in recent years, they still aren’t prepared. The SC Magazine piece makes a statement that I have been emphasizing for three years now: “Data theft is the number one motive for intentional data breaches.” The author continues with more familiar points that it is supported by organized crime, and sometime too tempting for insiders with control over our data to resist stealing and selling it for a profit. For this reason you have to outthink the crooks by making every effort to secure your private information, since you obviously have no control over how it is used. Here are some sites you can go to that provide info on prevention, if you suspect fraud, and if you are a victim: Federal Trade Commission; Privacy Rights Clearinghouse; Identity Theft Resource Center. Finally, at all costs protect your credit card numbers because once the bad guys have them, they go for as little as $5 on the underground Internet. Start thinking like an ID thief and you won’t become one of their victims.

No comments: