Identity thieves
By Dave Birch posted Feb 29 2008 at 10:46 AM[Dave Birch] I've been thinking about identity theft because of a meeting I'm going to later on today and I was mulling over the different kinds of identity theft. It seems as if most of the identity theft we here about is really just "simple" credit card fraud, but of course there are other bigger and potentially more serious kinds of identity theft. But, once again, I must ask to what extent those crimes are the super new 21st century crime of identity theft and to what extent they are old-fashioned deception. Here is a case in point. I"m pretty sure I saw this on The Real Hustle on the BBC a few weeks ago, so I wonder if this is where the perps picked up the idea?
A brazen swindle in Wheaton last week in which a man walked into a BB&T bank dressed as an armored truck courier and walked out with $574,500 in cash has been linked to a similar bank job the next day in Washington, authorities in Montgomery County said yesterday. Assistant State's Attorney Marybeth Ayres named Elizabeth K. Tarke, a teller at the BB&T branch, as a possible ringleader.
[From Teller Called Possible Ringleader in Two Bank Thefts - washingtonpost.com]
If you were going to pretend to be somebody else for half an hour, who would it be? Me, or a cash collector? The story says that an employee checked the bogus courier's ID card. But how? I really doubt that the bank employee took off the courier's ID card and put the ID card into a machine and had the courier put his eyes up to an iris scanner to match his iris to the card and then went online to have the card credentials verified by the courier company and bank servers. I'm sure the story means that the employee glanced at the ID card and it seemed about right.
This particular case caught my attention because it happened to gel with something I was preparing for a client. The essence of it being that there's a false sense of security generated by identity that isn't properly verifiable. There was another story about this in the newspapers a little latert:
A City investment banker who held senior positions at Bank of America and Credit Suisse may face jail after posing as a university undergraduate in order to help a student cheat his way through his final-year economics exams. Jerome Drean, 34, the former head of European equity derivatives trading at Credit Suisse, pretended to be Elnar Askerov, a 22-year-old Azerbaijani economics student at the University of York. Although there was no physical resemblance, Drean is believed to have sat eight exams over a period of 18 months, using a false identity card to pose as Askerov.
[From City banker, 34, sat exams for student, 22 | The Guardian | Guardian Unlimited]
Pretty shocking, isn't it? I was genuinely amazed to discover that a head of credit derivatives knows anything about economics, given the cheery news continuing to come from the U.S. sub-prime market. Anyway, unless you have to put an ID card in a device that goes ping -- when presented with the right fingerprint, iris or whatever -- instead of depending on people, how is this going to stop? That's not a panacea of course, because the person monitoring the device that goes ping might well be miscreant machine minder, as another recent U.K. newspaper story illustrates rather well:
...illegal immigrants were kept in safe houses in London until they found work or further accommodation predominantly in Leicester, Bolton, Blackburn and Preston... Others were assisted by a corrupt Heathrow Airport official in continuing on to Canada or the United States.
The court heard how once "clients" travelling from India reached South Africa they would pay about £500 for a genuine South African passport fraudulently issued by corrupt officials and use these to enter the UK.
[From BBC NEWS | England | People-smuggling network revealed]
I was in a discussion yesterday about how to design systems that are going to store and process sensitive personal data, and one of the people there said that the design should proceed on the basis that employees (ie, insiders) are corrupt. How true. Whether it's bank account or passports, it looks as if the worst cases of identity theft are the one that involve staff (in particular, middle management).
These opinions are my own (I think) and presented solely in my capacity as an interested member of the general public [posted with ecto]
“ARMADILLO DOLLAR prevents Wireless Skimming: the Newest Identity Theft”
If you ever have your identity stolen, your life can get seriously disrupted. Your cash can go missing, you can get arrested for something you never did, you can end up paying off debts you never incurred, and you can lose something even more precious, your time and good name. It takes an average of 600 hours just to begin to recover your information. Here is an ounce of prevention to protect you from a ton of trouble.
Identity theft has exploded in America, but an impressive new product called the Armadillo Dollar, created by Wisteria House Products of Gilbert, Arizona, can protect you against a new wireless ID theft and RFID monitoring. (www.ArmadilloDollar.com). What you can't see, such as radio waves, can hurt you!
When put into a person’s wallet, the Armadillo Dollar blocks the transmission of sensitive private information from RFID (Radio Frequency Identification) enabled debit/credit cards, store loyalty cards or employee badges. The user can move around essentially undetected by RFID readers, and wireless ID thieves, a new high tech crime element.
Without this protection, wireless identity thieves called “skimmers,” can steal your personal information out of the air surrounding your purse or wallet using RFID (Radio Frequency Identification) interception technology. Over 50 million RFID embedded credit and debit cards were issued to Americans last year, representing the single greatest threat to consumers in history.
Skimming historically has been the swiping of a magnetic stripe, or inadvertent theft of information from debit and credit cards. With RFID embedded cards, the new skimmers can steal, capture and clone the RF signal and use it for their personal gain. The skimmers completely avoid detection through any of the ID protection monitoring services, but the Armadillo Dollar prevents this theft before it occurs.
Each RF card has a microprocessor embedded that broadcasts personal account information on the cardholder whenever it is targeted by an RF pulse. The cardholder’s data can be stolen through the airwaves and cloned, then used by the thief. The Armadillo Dollar (www.armadillodollar.com), which is an RF shield, defends against this type of attack. When folded over in your wallet, the Armadillo Dollar blocks these signals from escaping or being activated remotely so your information stays intact.
With an amplified targeted RF pulse, wireless skimming is getting easier. Two men demonstrated skimming at 69 feet at an electronics convention in 2005, and it is possible targeted skimming can be done even further away.
The United States REAL ID Act of 2005 has also created privacy concerns with RFID driver’s licenses being issued. In December 2007 Arizona signed up as the fourth state to comply with the law, after Washington, New Hampshire and Vermont, which dictates the need for “electronic ground surveillance” of its citizens.
Wisteria House Products is committed to improving people’s lives through better technologies and educating the public about wireless identity theft vulnerabilities. Go to www.armadillodollar.com/idtheft.htm for a full list of prevention tactics.
They have the solution no other business offers in the identity protection arena, a firewall for your wallet.
For further information or co-branding, please contact company through e-mail at [email protected], or 480-393-0418.
To see the Armadillo Dollar in action, click http://www.youtube.com/watch?v=fKhZPZRfzHE
XXX
Posted by: Catherine Leyen | 01/03/2008 at 09:02 AM
Send us a couple Catherine and we'll be happy to test them in our lab.
Posted by: davebirch | 02/03/2008 at 02:12 PM
There needs to be some pithy catch-all expression to cover this basic flaw. Something like "if you make identity valuable, it will be stolen."
Posted by: Iang | 09/03/2008 at 09:13 AM
Dave , identity theft effects us all, from the day we are born and sometimes after we have passed away, so its really important to protect any data or information about yourself falling into the wrong hands , l think all of identity theft carries an element od deception but the real professional criminals like the brazen swindle in Wheaton has been planned to the last detail and then they are also commitiing conspiracy to cheat.
It will take a specialised squad to catch criminals like this and more help from the banks and authorities who hold all of our data.
Posted by: peternicholls | 11/04/2008 at 10:48 PM
This is SO true. And as the security systems get better, they attract ever-better criminals. It's realy a challenge that will be faced by all people in 21st century societies where numbers and computer files with information which represents individuals have become as valuable as the individuals themselves.
Posted by: Identity Theft Secrets | 17/04/2008 at 08:01 PM