Month: January 2019

ID Theft Defined and Explained

ID theft
Laptop fingerprint with Identity Theft text

Understanding a Common Crime

By: Accident attorney Michael P. Ehline, Esq. After Google Places had merged our business law firm listing with a competitor about 40 miles away, we started researching identity theft. Hence, we created this pretty comprehensive treatise.

Definition of Identity Theft:

Identity theft occurs when another person assumes an individual’s identity. Here, the thief knows how to access financial resources. So they obtain credit and other benefits, using the person’s name.

Identity theft makes a victim of the individual. So it is he or she who suffers the adverse consequences of the thief using their credit. Sadly, victims are forced to pay all these costs. Plus, the name, Social Security number, credit card, or bank account number are all exposed without permission. Criminals do this to commit crimes or fraud.

Understanding The History of Identity Theft

The term identity theft has been used since 1964. Yes, it’s not possible to steal a person’s true identity. But the criminal can impersonate or assume their financial identity to commit fraud. Identity theft and data breaches can be challenging to recognize. After all, in most cases, the victim does not know that anyone else has their personal or financial information.

According to the Federal Trade Commission, when there has been a breach, victims often don’t know how their information was stolen. But they also found that identity fraud was not always a consequence of identity theft. After all, it is possible for someone to steal or misappropriate personal information without committing fraud.

What is a Major Breach?

And this can occur when there is a significant data breach. According to a U.S. Government Accountability Office study most data breaches did not result in detected occurrences of identity theft. But the report did state that the full extent data breaches are unknown.

An unpublished study by Carnegie Mellon University reported that most cases of identity theft are unknown. But the probability of becoming a victim of date breach identity theft is approximately 2%. One of the most significant data breaches consisted of about 4 million records. And according to the association of consumer information companies; it resulted in approximately 1800 instances of identity theft.

An article entitled “Cyber Crime Made Easy,” discussed the level that hackers are using malicious software. Security specialist Gunter Ollmann asked: are you “Interested in credit card theft? There is an app for that.” What he was alluding to is the ease that hackers are accessing information online.

One of the newer programs that are infecting computers is called Zeus, which is hacker friendly. And this makes it easy to use even for a new hacker. It might be easy to use, but it is devastating for the computer user it affects.

The article said that programs like Zeus could be used to steal credit card information and relevant documents, even those necessary for homeland security use. Hackers gaining this information could not only use it for identity theft but possible terrorist attacks.

What are Some Types of ID Theft?

The non-profit Identity Resource Center has divided identity theft into five categories, as follows:

  • Criminal Identity Theft: This is posing as another person for financial or personal gain, which is a crime.
  • Financial Identity Theft: This is the use of someone else’s identity to obtain goods, services, and credit.
  • Child Identity Theft: This is the use of a child’s information to obtain credit, services, and goods or assume their identity.
  • Medical Identity Theft: This is the use of another person’s identity to obtain medical care or drugs.
  • Identity Cloning Theft: This is the use of someone else’s identity to assuming their status in life. It means using the person’s name in meeting people, employment, and other activities.

Other crimes are funded with ID theft.

Examples Include:

  • Phishing
  • Illegal immigration
  • Terrorism
  • Espionage.

Also, identity cloning can be used to attack payment systems. Examples include online credit card processing and medical insurance.

Criminal Identity Theft Explained

In fact, this occurs when an identity thief impersonates another human to conceal their real identity. People that do this could be a person hiding from creditors or other persons. It could be an illegal immigrant or another who wants to become anonymous for personal reasons. Another type of euphemism for this is  a “poser.”

A poser is a person that uses another’s photos and information on social networking sites, and they further relay credible stories. And many involve friends of a real person they are attempting to imitate. One of the other things this type of ID thief does is to acquire false credentials that will pass authentication in daily life. And this can continue indefinitely, without detection.

What is Identity Cloning?

So this is a great question. This theft happens when a thief assumes another’s name to conceal their real identity. So, for example, this is their form of the witness protection program. So let’s say they want to avoid being found by an ex-spouse or partner. And now this can continue for an indefinite amount of time. And this remains especially true if the person can obtain false credentials in the assumed name that appear authentic.

Synthetic Identity Theft

This is a type of identity theft that has become familiar, with the use of characters that are either partially or wholly fictitious. Commonly the way this is done is by using a real social security number, with a birth date and name that is not attached to this person. The stolen social security number will create adverse credit effects. And this holds concerning any creditor who issues a credit to the thief.

It’s hard to track this type of identity fraud since it does not usually show on the real person’s credit report directly. And this could even show as a new file at the credit bureau or as a sub-file on the victim’s credit record.

What is Medical Identity Theft?

This is a type of identity theft that a person uses an individual’s name and some of their information to obtain medical care, services, or drugs. The data they may use can include insurance information. The victim has no clue their name or other information is being used.

When this type of event occurs, it can cause the real owner of the insurance to receive improper medical care. Plus, this can lead to a potentially life-threatening medical decision since there has been incorrect information placed in their medical records.

What is Child Identity Theft?

This is identity theft of a minor child’s social security number that is used to gain credit. And it also increases other personal advantages. Of particular interest, the child has no credit history. So this makes this social security number very valuable to the theft that wants to steal it. They can obtain credit, get a driver’s license, and make large purchases, like buying a house, all under the guise that the social security number is their own.

So here, a family member or friend can be the culprit. But it can be done by a stranger that targets children. The fraud can continue undetected for years. After all, the victim is a minor who will not be using their number for years.

According to Carnegie Mellon Cylab, Richard Power, using data from All Clear ID, it was discovered that approximately 10.2 percent of children were identity theft victims. So about 40,000 children had information exposed.

How Do ID Thieves Get Your Personal Information?

These criminals need to obtain personal information to use another person’s identity to appear authentic. Some of the methods they use people are aware of. But other methods exist.

  • Digging in dumpsters or garbage cans for personal information is one way they get stuff.
  • I am using public records to gain personal information.
  • Skimming credit card or bank card information with hand-held card readers in the general retail location helps make clone cards.
  • Using contactless credit card readers to obtain data from RFID-passports wirelessly.
  • Mail theft, breaking into homes or pick-pocketing checks, bank cards, credit cards, passports, and identification cards are all potential problems.
  • Theft of checks to obtain account numbers and routing numbers.
  • Gaining personal and banking information with malware. Trojan horse keystroke logging programs, spyware, and breaches in browser security are examples.
  • Further examples:
  • They hack computer networks, databases, and systems to gain access to large amounts of personal data.
  • Acting fraudulently as customer service representatives or help desk employees to con individuals into disclosing personal information, login information, or changing the password access.
  • Account verification and compromise questions, like: “What is Your Mother’s Maiden Name?”
  • Use of social media sites to befriend individuals and gain trust to get their personal information.
  • Social media photos are clickable and downloaded, which have low security and privacy protection.
  • They use information gained from an individual typing login and other personal information at public IT equipment locations. The term shoulder surfing describes this conduct.
  • Use of breaches that result in the publication of personal information, which may include name, address, credit card numbers, and social security number.
  • Impersonation of a trusted organization in emails, telephone calls, SMS text messages, or other forms of communication to have an individual provide personal information or login information. Most of us know this form of data collection as phishing. Because of this, many corporations will never ask for this type of data on the phone or their website.
  • You are browsing social network sites, such as Facebook, Twitter, or MySpace for personal information that users have published.
  • Attacking weak passwords and reset password questions.
  • They divert email or a post to gain personal information, credit card numbers, banking or credit statements, and other personal data. And this can delay you knowing there is a compromised account.

What About Personal Identity Protection?

The person is often unaware of how naïve they are. So they are careless with their personal information or login information. Identity thieves count on this.  And they can steal information like:

  • Credit cards
  • Checkbooks
  • Utility bills
  • Bank statements and other things from a person’s vehicle, office, snatched purse, or home.

The US Federal Trade Commission, websites and the Canadian Phone Busters organizations address identity theft. And they and offer recommendations on how to prevent personal information from reaching another person’s hands.

You can partially eliminate identity theft by not using identifying information unnecessarily. IT systems and organizations should not require an excessive amount of personal information for identification and authentication purposes.

The requirement and data storage of personally identifying information such as social security numbers, driver’s license number, credit card, national identification number, and other information, will increase the risk of identity theft. This theft will keep happening unless adequately stored all the time.

Tips to Avoid Hijacking

  • Hacking and phishing: So we all know that electronic identity theft or using malware is common today. Hence, you must often update computer security. Keeping the operating system and browser secure, patched and running antivirus software can help avoid unwanted theft. The individual should be cautious about their IT use.

In some cases, the thieves use obituaries, gravestones, and other sources to rip off the identity of a deceased person. They do so between their passing and the closing of their accounts. So this is a combination of a grieving family lacking concentration. And it’s also the credit checking process. This crime can continue for an undetermined amount of time. And it won’t stop until a family member or credit company notices the events.

Commercial identity theft protection services are available in many countries. For example, they offer protection from for an annual or monthly membership fee. How it works is the service will typically set fraud alerts on your credit files. Also, each of the three major credit bureaus gets alerted. These heavily advertised services are helpful. But the actual value of them has been questioned.

What are the Identity Protection Organizations?

The Federal Trade Commission testified in May of 1998 in front of the United States Senate. There, representatives discussed the sale and use of personal identifiers and Social Security numbers, by data miners and credit raters. They agreed to self-regulating by the industry to restrict access to information on credit reports.

The industry restrictions vary according to the category of the customer. This variance exists because credit bureaus gather, disclose personal and credit information on a wide business range. Inadequate security by organizations holding personal data results in unauthorized access. So this places victims at risk of ID theft.

According to Privacy Rights Clearinghouse, they have documented more than 900 data breaches, since January 2005 by U.S. government agencies and companies. This breach has involved over 200 million records that contained sensitive personal information. The data included many that had social security numbers.

When a company has poor security standards, it can include:

  • Failing to have adequate network security.
  • They are failing to shred confidential documents before putting them in dumpsters.
  • Brokering personal information to another business, without the assurance of the other company maintaining security.
  • Government failure in registering sole proprietorships, corporations, and partnerships to determine the article of incorporations officers are who they claim to be. This failure can result in criminals having access to personal information through credit ratings and data mining services.
  • Credit card numbers stolen by people like call center agents means there is access to the recorded calls.
  • Laptop computer or portable media theft or carried out of the location. Typically, it that contains personal information. Also, using encrypted devices reduces data exposure risks.

What is the Nationwide Impact of ID Theft?

Most of all, there was a decrease in the number of victims in the United States between 2003 and 2006. This decreased the dollar amount of identity fraud from $47 billion in 2003 to $15.6 billion in 2006. This resulted in the personal losses of $4789 in 2003 to $1882 in 2006.

According to the Identity Theft Resource Center in a 2003 survey:

  • Approximately 73% of those surveyed said the crime involved the thief gaining access to a credit card.
  • 15% of known ID theft remains business related. And in those cases, it took the victims about 330 hours to resolve.
  • Victim of identity fraud Michelle Brown testified in a U.S. Senate Committee Hearing. She said that between January 1998 and July 1999, a person used her identity to acquire more than $50,000 in goods and services. Brown said not only did the hacker damage her credit but escalated in crimes, including drug trafficking. This resulted in a warrant for Brown’s arrest; she had an erroneous arrest record and prison record. Here, the woman was booked into the Chicago Federal Prison under her name.
  • Also, fraud costs are estimated at £1.2 billion annually in the UK. But experts believe the figure is much higher. For example, privacy groups do not think the numbers to be correct. Mostly, they argue the statistics are a bargaining chip to hearken the introduction of national ID cards.
  • Microsoft Research claimed in 2001 that fraud remains widely exaggerated. And they say the surveys are compromised and biased. So they argue the findings are no good. But Australia estimated ID theft at between $1 billion and $4 billion in 2001.

The United States Legal Answers

In the United States, the increase in this crime has led to the enacting of the Identity Theft and Assumption Deterrence Act. In other words, the Federal Trade Commission appeared before the U.S. Senate to discuss FTC crimes. And that meeting happened after the mass exploitation of consumer credit.

How the Exploited Data Was Used:

  • Lines of credit
  • Loan fraud
  • Mortgage
  • Credit card fraud, along with commodities and services fraud.

The Identity Theft Deterrence Act amended U.S. Code Title 18, § 1028. This statute says it is a federal crime to steal an ID. But it’s tricky because the perp must use an ID document issued by the United States. So you have to show the thief intended to defraud the United States. All this gets tried on a federal level if it exists. Get it?

30 Years in Prison?

Yes, it’s true. This sentence is outlined in 18 U.S.C. § 1028 and can carry a 5, 15, 20 or 30-year prison sentence in federal prison. Also, § 1028 (aggravated identity theft), permits consecutive sentencing. Of particular interest, this act provided the Federal Trade Commission with authority to track incidences and dollar losses.

Their body mainly focuses on consumer financial crimes. And it does not include the full range of all identification crimes. Charges brought by states or local law enforcement agencies will have different penalties than criminal charges on a federal level. It will depend on the state laws, which each state can differ in their punishments.

Office of Privacy Protection

California and Wisconsin have created the Office of Privacy Protection. This department helps citizens avoid issues with theft and identity theft recovery. Other states have followed the California mandatory data breach notification laws. And this has resulted in all companies reporting data breaches to their customers.

Of particular interest, the IRS created the IRS Identity Protection Specialized Unit. Now taxpayer victims of federal tax-related identity theft have recourse. The taxpayer was required to submit Form 14039, which is their Identity Theft Affidavit.

Editorial on Gullibility of Seniors to Scams

Ambulance Chasing Lawyer
Personal injury lawyer winks as she signs a gullible client.

Gullibility is defined as:

“… a failure of social intelligence in which a person is easily tricked or manipulated into an ill advised course of action.”

(read more.)

As will be shown, elders trust even dishonest people.

The Most Recent Studies on the Elderly Brain

  • Easier to Scam Old Folks

Two studies show that the aging brain is not able to process scams or misleading information. Professor Shelley Taylor of the University of California, Los Angeles conducted one of the studies. The study data showed that a section of the brain known as the anterior insula makes the elderly are more susceptible to becoming victims of scams.

Seniors are Less Likely to Doubt or Process Visually Deceptive Information

This study data and a survey carried out earlier in the year by the University of Iowa researchers was telling. It showed that aging of the Ventromedial prefrontal cortex leads to a lesser ability to process both skepticism and doubt in visual information.

The Study Itself

The study conducted by Professor Taylor involved 119 elderly residents of a senior living home, who ranged between the ages of 55 and 84. So here, subjects saw photographs of natural or trustworthy faces. Next, they saw pictures of faces that were non-trustworthy. These were pictures of people smiling without the eyes lit-up, shifty gazes, and facial hair. Consequently, the participants were asked to rate the level of trustworthiness.

These same photographs were handed to a group of 24 staff members and students, who were between the ages of 20 and 42. Both groups had equal ratings reported for the real or neutral faces; the difference was evident with the elderly participants when assessing the untrustworthy photos.

So here, the elders were incapable of seeing the visual clues in the untrustworthy photos. Consequently, the research expanded into MRI machine monitoring. Also, the study included 23 senior citizens and 24 staff and students, who saw the same photos. As a result, testing led to the discovery that the anterior insula in the younger group became very active. Conversely, the anterior insula of elderly participants was barely active.

The “Gut Reaction” Part of the Brain

The “gut reaction,” part of the brain alarms you of the ill-at-ease feelings and stress people feel about difficult decisions, ideas, places, and people. UCLA researchers believe the lack of activity in the anterior insula causes the elderly not to notice behaviors or signals with scams. Yet, younger people have no problem picking up on these red flags. Also, this study adds to published data by University of Iowa researchers in August of 2012.

  • This study compared the ability to categorize information that was misleading in people that were elderly or who had damage from injuries to the Ventromedial prefrontal cortex, (vmPFC).
  • This organ is a softball-sized section of the brain. It remains located above the eyes.  And it controls emotions and behaviors. And these are related to the ability to feel doubt and skepticism. Plus, it is related to your impulse control.

And during this study, there were 18 patients with damage to the vmPFC and 21 patients with brain injury, but good vmPFC’s. But 21 patients had healthy brains. Patients saw advertisements deemed misleading by the Federal Trade Commission.

Remarkably, elders were twice as likely to fall for the misleading ads. And this remained true even if the ads included a disclaimer about the validity of the information. Also, the National Institute for Justice conducted a study in 2009. Of particular concern, that study showed around 12% of those over 60 were financially scammed. In 2011 Met Life Inc.’s report rated the annual loss of exploited elderly citizens around 2.9 billion dollars.

This Is Not News to Most Experienced Nursing Abuse Lawyers

As an elder abuse and nursing abuse lawyer, I did not need a study like this to tell me what has been evident in my law office practice for years now on end. Also, most of my colleagues agree. In fact, recent cases of elder financial abuse (click here) already prove that shady characters target seniors. The problem is that many of the abusers are people with a special duty of care and trust over their elder wards.

Because it is so easy to scam the elder, society as a whole must remain vigilant. And that laws already on the books need aggressive enforcement. To learn more about protecting them, contact Ehline Law Firm at 633 West 5th Street #2890 Los Angeles, CA 90071. (213) 596-9642.


Main Office:

633 West 5th Street #2890
Los Angeles, CA 90071
Driving Directions >

Torrance and South Bay:

3961 CA-1
Torrance, CA 90505
(424) 999-PAIN
Driving Directions >
More Locations and Meeting Places >

ATTORNEY ADVERTISEMENT and Public Use information. Nothing here is intended to imply or infer that ELFPI can win or get a similar result in every case. Every case is unique, as is each person. No reasonable person could assume every case is win-able. The data on this website is generated by a member of the State Bar of California to provide general information and to answer the most frequently asked questions regarding tort law, and/or negligence claims. Parts herein contain attorney marketing information. Other parts do not. However, nothing on this website shall be construed as legal advice for any legal matter, or non-legal matter. Nor does anything on this website form a contract, or attorney-client alliance. (Read more.)

© 2019 Ehline Law Firm, Personal Injury Attorneys, A Professional Law Corporation. ALL RIGHTS RESERVED.