The Art of the Steal

11

[STEALING YOUR SOUL]

For Michelle Brown, there was life before identity theft and then there was life after identity theft. Life after was a torment.

Brown, the young California woman I began this book with, couldn’t understand why someone had stolen her identity. Why her, of all people? And how did it happen? One day she told her property manager about how someone was going around using her name and her credit, and that the police and credit bureaus had mentioned that identity thieves are sometimes a relative or someone you know. Did she have sisters who might have something against her, a close friend with a grudge? She had been offended. She had two sisters, but she knew neither of them was the one, and no friend was that malevolent.

Her property manager listened to her carefully, and then he said, “I know who’s doing it.”

Or he thought he did. A woman he knew vaguely, Heddi Ille, had a history of committing credit fraud. He figured it might well be she.

The police looked into it, and they concluded that it was indeed she. Heddi Ille was a woman in her early thirties, about five-foot-seven and weighing 200 pounds. She looked nothing like Michelle Brown. And she was mixed up with drugs. For months, the police pursued her, but it wasn’t until more than a year after she had stolen Michelle Brown’s identity that she was caught, and then it was only because someone had turned her in. To add to the insult, Ille was arrested under the name Michelle Brown. On her record, that name was listed as an alias.

Heddi Ille had never met Michelle Brown, and knew virtually nothing about her. Like most crooks, she had wanted one thing: a vehicle that allowed her to steal. One day, she had happened to sneak a look at the rental applications at the apartment complex where Michelle Brown was living, and had chosen her information to work with. She was a similar age, and that may have been all that mattered. That one document was all it took.

In their arrogance, thieves rarely consider the consequences for the victim. They’re in it strictly for the money. For a long time, Michelle Brown wondered if she would ever become whole again. It required a massive effort for her to get her credit straightened out. “Identity theft leaves a very dark and filthy cloud around the victim,” she said. Even now, she is extremely circumspect. She has eliminated all but one credit card. She refuses to write checks when she buys something in a store. She worries that her name will be on a list of delinquents and she’ll be hustled off by security guards. Her mail comes to a private mailbox. For her birthday, a friend gave her a shredder, and she now shreds all credit card solicitations and any other material containing personal information.

She carries around official papers that confirm who she is, though she’s afraid to travel overseas, particularly to any third-world country, out of fear she’ll be mistaken for the jailed Ille and be imprisoned. Even in this country, she shudders every time she sees a police car. She drives safely under the speed limit and never forgets to signal if she’s making a turn. The last thing she wants is to be stopped and somehow mistaken for the other Michelle Brown, the one who ought to be in prison.

Two years after she started, Heddi Ille was convicted of perjury, grand theft, and possession of stolen property, though, as so often happens, not of identity theft. Not only was she initially booked as Michelle Brown, but also when she sent letters to friends from federal prison she wrote that name on the return address, until the real Michelle Brown objected. She felt Heddi Ille had stolen quite enough from her for long enough.

THE CRIME OF THE FUTURE

I’ve saved identity theft for last, because I’m convinced it’s the crime we have the most to fear going forward. To my mind, identity theft is the crime of the future. And I think of it as the mother of all scams, because it steals everything, a person’s very being.

In so many ways, it’s the scariest and most seductive white-collar crime of all, and we’ve barely scratched the surface. It’ll probably be ten years from now before identity theft is in full swing, but we’ve already seen its striking escalation. At the beginning, someone stole your identity because he wanted to get a credit card in your name. These days, he’ll say, wait a minute, I’ll get a car loan in your name, wait a minute, I’ll get a mortgage in your name, wait a minute, I’ll assume your entire identity and get a job in your name and you’ll have to pay the taxes.

Physical attributes like DNA are unassailable and unique to you. No criminal can steal them. But we have become the various numbers that have been assigned us, and, with modern technology, that makes us increasingly vulnerable. All a thief has to do is get hold of a single set of digits—your bank account, your credit card number, or especially your Social Security number—and he can take up residence in your life. If you have great credit, he suddenly has great credit.

Anyone with a Social Security number can become a victim—even a newborn baby or someone who’s dead. Some identity thieves can pick your pocket for months and even years before they’re detected. They know just how to keep a victim’s suspicions at bay.

A Virginia couple was puzzled when a friend said he couldn’t reach them because their number was unlisted. They knew they were in the book, but figured it was a lame excuse for not inviting them to a party. When they heard the same thing from another friend, they checked with the phone company. It said the husband had asked that the number be unlisted. They shrugged that off as some mix-up, until they got a call to verify that they wanted their new Visa card mailed to a different address. They had ordered no card and had no new address. They quickly got a credit report and found that someone had already obtained another card in their name and a cash advance against it. Then they got it. The identity thief had requested that their number be unlisted so creditors couldn’t reach the couple.

Back in my criminal days, I engaged in identity theft of sorts. To be precise, I guess you could say that I engaged in profession theft. Although I never took on the identity of a living person—I never believed in crimes against the individual—I became a generic copilot and a lawyer and a doctor, among my guises. To pull this off took cleverness and perhaps a bit of a diabolical mind. You needed to be able to turn on the sweet grease and charm. I had to learn about airplanes and pilot lingo. I had to learn the law. I had to learn a suitable amount of medicine. I had to create believable IDs and acquire uniforms. I had to be able to stay cool under pressure.

Today, the identity thief can do what I did, and so much more, hiding behind numbers. No one tests his knowledge.

Identity theft is so new that it wasn’t even formally recognized as a specific federal offense until 1998, when, prompted by growing evidence of the crime, Congress passed a law, the Identity Theft and Assumption Deterrence Act. And though I speak of it as the crime of the future, because of its potential, it already is an enormous problem. I’ve heard estimates that half a million Americans a year are victims.

Identity theft is a chilling crime because the perpetrator is innocent until proven guilty, while the victim is guilty until he proves himself innocent. Until you’ve been caught up in this crime, you can’t imagine how hard it is to prove that innocence. It can be a nightmare of unimaginable proportions to get your credit and your identity back, if you ever fully do.

A HORSE OF MANY COLORS

The approaches taken by identity thieves vary a great deal. Most often, the thief is a total stranger, someone you’ve never seen and who has never seen you. But not always. A woman living alone in her own house took on a roommate for some added income and companionship. The roommate lived with her for nine months. She was amiable enough, and always paid her rent on time. One day she told the woman she had gotten a job offer out West, and so she would be moving. The woman was happy for her, and thought nothing of it.

A few weeks after the roommate left, the woman got a call from a bank officer. The officer said the bank had received her most recent mortgage payment, the same as always, but it hadn’t received the payment for her second mortgage. “Second mortgage?” the woman said. “What second mortgage?” It seems that the roommate, by rummaging through the woman’s utility bills and other mail, had acquired enough information to pose as her and take out a second mortgage, the money that got her out West.

One identity thief managed to accumulate more than one hundred thousand dollars in credit card debt, take out a federal home loan, buy several homes, motorcycles, and handguns, all in the victim’s name. But that still wasn’t enough for him. He would also call the victim and hector him, taunting him that he could buy all he wanted for as long as he wanted, and he would never be caught. Finally, the thief filed for bankruptcy—naturally in the victim’s name. At the time, identity theft wasn’t a federal crime, so when he was finally caught the criminal served a brief sentence for making a false statement to purchase a gun. There were no other repercussions. He made no restitution to the victim. Meanwhile, it took the victim and his wife four years and fifteen thousand dollars to restore their credit and reputation.

A Milwaukee man used a stolen Social Security number to obtain additional identity documents and set up an array of fraudulent accounts. Under his new identity, he got a job at the Wisconsin Supreme Court then stole eighty thousand dollars of computer equipment from the court. While he worked there, he also collected Social Security benefits because he claimed he was disabled and unemployed.

Con artists will steal the identities of the prominent as well as the unknown. The FBI came across two Memphis thieves that said they stole the identities of six leading executives, including the chief executive officers of Lehman Brothers, Coca-Cola Enterprises, and Hilton Hotels. Two of the impersonated executives had recently died.

Before they were caught, the hucksters managed to order $730,000 worth of diamonds and Rolex watches over the Internet. They did this by having the credit card companies and banks change the billing addresses of the executives to hotels in the Memphis area, then ordering the merchandise to be shipped to the hotels. The attraction of using the names of wealthy executives was their credit was so good. When the jewelers that sold the goods contacted American Express about putting purchases of $40,000 on cards purportedly belonging to the executives, there was no hesitation. They got immediate approval.

IT’S AS EASY AS . . .

How does someone steal your identity? With the sharp erosion of privacy, the variants are endless. A thief doesn’t have to break into your home or hold you up. It all gets done on the sly.

One straightforward method is “shoulder surfing,” which I told you about earlier with ATM fraud. A thief watches you as you punch in your credit card or calling card number at a pay phone. Or he eavesdrops on your conversation as you give your number to a hotel or merchant. From that one number, he gathers other information about you and is on his way.

Another popular approach is “Dumpster diving.” Crooks root through your garbage cans, trash bins outside stores, or on street corners, or communal Dumpsters. They toss away the chicken bones and old newspapers, and collect credit card statements, bank statements, phone bills, copies of checks, or anything that shows your name and address. These records are gold to an identity thief.

How many times have you gotten a stack of “preapproved” credit cards in the mail and, already being flush with cards, simply tossed the envelopes in the garbage without ripping them up? The identity thief thanks you very much. He goes ahead and attempts to activate the cards, often with success. Some credit card companies require that you activate a new card only from your home phone number, but this precaution hasn’t been universally adopted. A few years ago, federal authorities broke up the Trash Ring, a group that stole more than $10 million in dozens of states, largely by recovering cards and account information from Dumpsters and trash cans.

If you’ve been divorced, the transcript of your case, bulging with financial and credit information that you had to reveal, as well as your Social Security number, is public record. A thief need only stop in at the courthouse and scribble down what he needs.

One recently-arrested identity thief, a low-level employee at a drug company, happened to come across a box of personnel records for three dozen former employees. The box was lying in a storage closet of the company. When you’ve got a criminal mind, a box like that is a bonanza. The thief, along with several accomplices, used the records to get credit cards, buy more than one hundred thousand dollars of goods, and rent three apartments in other people’s names. For a time, they lived a joyous life that was way beyond their own means.

Employees at a New Jersey car dealer used the company access to the three leading credit bureaus—Equifax, TransUnion, and Experian—to find strangers with good credit histories, some of them living as far away as Alaska, and then opened up credit card accounts in their names.

A group of Nigerians established themselves in the industrial cleaning business. They had trucks. They had uniforms. They had cleaning supplies. In due course, they had customers. They would come into the company offices at night and clean the place. And they did a beautiful job. But they cleaned the offices of more than grime. They knew how to get at personnel records and would copy Social Security numbers and whatever other useful information they found and steal identities.

And there are endless come-ons that thieves use to sucker people into unwittingly divulging personal information. Not long ago, some fairly provocative flyers suddenly popped up in scores of black communities throughout the South and Midwest. They were stacked on tables in churches, stuck in windshield wipers of parked cars, and tacked to the bulletin boards of senior citizen centers and nursing homes. The headline on them read: “Apply for Newly Approved Slave Reparations! Claim $5,000 in Social Security Reimbursements!” The body of the flyers said that blacks born before 1928 could be eligible for slave reparations under the “Slave Reparation Act.” Those born between 1917 and 1926 could apply for Social Security disbursements because of a “fix” made in the Social Security system.

Obviously, a burst of good fortune like this was something that would pique a person’s interest, and it seemed plausible. There had been a lot of talk and press about proposed legislation that would pay reparations to black people. But the whole thing was nothing more than a trap set by a ring of identity thieves.

In the Atlanta metropolitan area, a man posing as a jury administrator from the local court system would call people, mostly the wealthy and business owners, and say, “You’ve forgotten to respond to a summons for jury duty and face a penalty. I can straighten it out right now for you, if you just give me some basic information.” Assuming they had overlooked the summons, or it had gotten lost in the mail, the victims would unquestioningly provide their birth dates, mother’s maiden name, and Social Security numbers.

Thieves are not at all squeamish about stealing the identity of someone that recently died and resurrecting him for the purpose of spending money. This works because credit bureaus usually don’t learn about someone’s death for six to twelve months. A common place to locate the personal information necessary here is an obituary. People fail to realize the abundance of material contained in an obituary, particularly that all-important mother’s maiden name so universally used for identification means.

One pair of identity thieves stole hundreds of thousands of dollars from some two-dozen victims in seven states. Most of them were selected out of “Who’s Who in America,” which in its biographies of prominent Americans gives birth date, place of birth, mother’s maiden name, and home address, sufficient information for them to request birth certificates and establish credit.

Recently, there was a run of identity thefts involving admirals of the U.S. Navy. One admiral complained that he had been a victim, then another admiral and another—ultimately seven in all. It happens that the thieves were digging out personal information on them from the Congressional Record. It routinely lists all the data a criminal needs to become a military officer.

One woman had her identity stolen by her boss. She was hired by the owner of a magazine publisher, and, in filling out her employment application, divulged the usual supply of personal information. Little did she know that her employer had ruined her own credit in the past and couldn’t even get a credit card. Within months of the woman being hired, her boss took out a card in her name and began using it. Who would suspect their boss? But literally anyone can be after your identity.

Years ago, I predicted that once there was a shake-out among all the dot-com startups, criminals would step in and offer to buy up the assets of failed e-commerce companies. Why would they? To get their databases, rich with personal information on customers, including credit card numbers. I bet it’s already happened. When it was functioning, the retailer Toysmart.com assured its customers that their personal information would never be shared with anyone. When it went bankrupt in May 2000, that promise went out the window. It took out ads offering to sell its database. Fortunately, a subsidiary of Walt Disney agreed to pay it fifty-thousand dollars to destroy the information before it got into the wrong hands.

NUMBERS FOR SALE

The Internet has become the equivalent of an electronic shopping mall for identity thieves. Endless websites have sprung up that sell personal information. One site, docusearch.com, will retrieve a person’s Social Security number for a mere forty-nine dollars. How long will it take? One day.

It’s all perfectly legal. They buy this information from the nineteen states that use the Social Security number for the driver’s license number. They’ll go to a driver’s license bureau and ask, how many Social Security numbers do you have? They’re told, 1.3 million. Okay, can we buy them for $8 a number? They’ll approach one of the major health insurers, with millions of numbers, and again buy them for $8 apiece. They buy numbers from collection agencies and credit bureaus, and they resell the information for $49 a number. The only thing you have to type in is the person’s name and the last-known state you believe he or she lived in, and within seconds, up comes the Social Security number. I’ve gone online a number of times to test it out and they’ve never not had the number. Try it yourself.

Another website, netdetective2000, brags that it will find out “everything you ever wanted to know about your friends, family, neighbors, employees, and even your boss!” All you do is take your mouse and click on the information you want. It’s a complete dossier: the person’s name, date of birth, Social Security number, address, bank, bank account number, what stocks he owns, who his stock broker is, where he works, what he does at his job, what he makes, if he has children, his children’s names, their ages, and their Social Security numbers.

If you’re wondering who’s telling them all this information, you are. When you bought a camera, there was a warranty card, and attached to that warranty card was a consumer questionnaire. Are you married, divorced, single, separated? Are you a doctor, a lawyer, a professional, a technician, or other? Do you earn between $20,000 and $50,000, $50,000 and $100,000? Do you bank at a bank, credit union, savings bank, or mutual fund house? You went right down the list answering all their questions and all of that information went into a data base. Then they turned around and sold it, and the next thing you know, it was being used against you.

There’s another website that advertises on TV called 1-800–SEARCH. They say they can find out if someone has a criminal record. Then, in a lower tone of voice, they say, “or fifty other things.” And the fifty other things are just about anything you would want to know about someone. It’s unbelievable what they know about people—practically everything down to their favorite doughnut and how they did in third-grade social studies—and I’m talking about ordinary people who think they live a private life.

Everything is for sale. A Social Security number is $49. A birth certificate is $79. A driver’s license is $90. Or if you want an entire package of documents just for the purpose of assuming someone’s identity, it goes for $2,000.

I went to the doctor the other day. It wasn’t my regular doctor, but an oral surgeon I hadn’t seen before. The receptionist had me fill out a new patient questionnaire, then she needed my Blue Cross card, which contains my Social Security number, and my driver’s license. She made copies of both, and all this was deposited in the doctor’s file. That receptionist, or the next receptionist, could easily sell that information.

In a number of instances, low-paid hospital orderlies have stolen and sold patient information. Medical records are especially attractive to identity thieves, as they contain your Social Security number, date of birth, and even a physical description. Some criminals, to help their fraud, have actually undergone plastic surgery to look more like their victim. Imagine that—someone who not only says he’s you but looks like your twin!

A twenty-three-year-old New Jersey man was surfing the Internet at the public library one day, when he happened across the site of the Securities and Exchange Commission (SEC). There, he discovered a database of disclosure forms that public companies must file with the regulatory body. These forms contained the names of company officials and their Social Security numbers. Using the name of an official of a company who was thirty-four years older than he, he managed to gain approval for a $44,000 car loan from a major bank. He got a quote for car insurance from an online broker, then used a fraudulent MasterCard to pay for the policy. To actually buy the car, he needed proof he was the executive, so he picked up a fake birth certificate and W-2 form from a website that sold fake credentials. Then he went and bought a new Prelude. Because the executive had such excellent credit, the thief actually negotiated better financing from the car dealer than he had from the bank.

SHADOW OF YOURSELF

Once your identity has been stolen, everything doesn’t just return to normal. You’ll find yourself inconvenienced long after the culprit is caught. After she had been victimized, one woman put an alert with the credit agencies that if anyone applied for credit in her name, she had to be called and told about it. Months afterward, she was shopping for Christmas gifts and decided to buy her son a TV at an electronics store. Since you got a discount if you opened a credit account with the store, she tried to do so. The salesperson went to process it, only to come back and tell her, he was sorry, he couldn’t extend her credit because there was nobody at her home when he called. Of course not, she said, I’m here talking to you. Well, he said, your credit bureau says I have to speak to you at your home before I can issue credit. So she had to drive home, take his call, then drive back.

A highly placed corporate executive had his identity stolen by a major drug dealer. These days, when the executive travels overseas, he has to carry an official letter with him that states that he is not the drug dealer. He’ll always have to carry that letter with him. His life has been irrevocably changed.

I read about a woman writer who had her Social Security number stolen while she was living overseas. Using her name and number, the thief ordered telephone service in California, ran up thousands of dollars in bills, and then vanished without paying them. When the writer returned to the United States and applied to rent an apartment in New York, the landlord found she had a negative credit rating and wouldn’t rent her the apartment. She had to take a sublet while she tried to get to the bottom of things.

She filed a police report. The cop who handled the case said he got an average of four complaints of identity theft a day. Not until she threatened to sue the collection agency charged with her case, did the agency relent and agree to correct her rating. It told her, however, that it might take as many as ninety days before her credit was restored at the national credit agencies. Four years later, the unpaid bills remained on her rating. She was still unable to rent an apartment.

An elderly woman went into the hospital for cancer surgery. While she was there, her daughter hired some cleaners because she wanted her mother to come home to a perfectly clean house. Not long afterward, the mother got a succession of calls from collection agencies. The cleaners had found enough personal information in the house to steal her identity. During the long ordeal of trying to straighten the mess out, the woman lost her house.

There was a man who worked as a salesman in a department store in California. One day he had his wallet stolen, which contained his driver’s license, Social Security card, and military ID. Seven months after his wallet was stolen, he was called into the firm’s main security office and told he had been caught shoplifting at one of the chain’s other stores. He had done no such thing. In fact, he had been working in his usual store at the time. He even produced a letter from his boss confirming that. Still, he was fired. The man who had stolen his wallet had assumed his identity and done the shoplifting.

He got other jobs, but was dogged by the crimes of the thief. He’d apply for a job, a check would be done on him, and he’d be told, sorry, his services weren’t needed. He later found out from the police that the rap sheet in his name included arrests for shoplifting, burglary, and arson. He went bankrupt. He lost his home. Finally, he legally changed his name to distance himself from the identity theft, but his life is only a shadow of what it once was.

As you can see, the financial losses are only part of what the victim suffers. Often, it’s the emotional toll that’s most debilitating. For even if the thief is caught and prosecuted, it can take months and even years of painstaking effort to recover the good credit standing that was so quickly destroyed. At a Congressional hearing on identity theft, one victim recounted her ordeal after being victimized for $110,000: “We had to submit handwriting samples to twenty different merchants; we had to submit notarized documents and affidavits. It was like filling out our tax return twenty times with twenty different sets of instructions.”

AN IDENTITY THEFT QUIZ

As with all fraud, prevention is the most valuable step you can take against identity theft. Police are not sufficiently trained to investigate this crime and jurisdiction is often a problem, since you may live in Maine and the person who stole your identity may be in Idaho. I understand the FBI has been speaking to local police departments and asking them what they want from the FBI. The police tell them that they can handle local drug problems really well. What they can’t handle is if someone walks in and says he or she is a victim of identity theft. So they want the FBI to get more involved in white-collar crime, and I think you’ll see that start to happen in the years to come. Right now, though, it’s hard to get the attention of the FBI, because it usually requires a threshold of $250,000 before it tackles a fraud case. There are 13,500 FBI agents in the world, and only 3,000 are assigned to financial crimes.

The best thing you can do is to count on yourself. I devised a little identity theft quiz to give yourself to determine how susceptible you are. Each of the following statements represents a possible avenue for ID theft. If any of them describes you, add the points to your score.

• You receive several offers of pre-approved credit every week (5 points). Add five more if you don’t shred them before putting them in the trash.

• You carry your Social Security card in your wallet (10 points).

• You don’t have a post office box or a locked, secured mailbox (5 points).

• You drop off your outgoing mail at an open, unlocked box or basket (10 points).

• You carry your military ID in your wallet at all times (10 points).

• You don’t shred or tear banking and credit information when you throw it in the trash (10 points).

• You provide your Social Security number whenever asked (10 points). Add five points if you provide it orally without checking to see who might be listening.

• You’re required to use your SSN as an employee or student ID number (5 points).

• Your SSN is printed on an employee badge that you wear (10 points).

• Your SSN or driver’s license number is printed on your personal checks (20 points).

• You are listed in a Who’s Who guide (5 points).

• You carry your insurance card in your wallet and it contains your SSN or your spouse’s SSN (20 points).

• You haven’t ordered a copy of your credit report for at least two years (10 points).

• You don’t believe that people root around in your trash looking for credit or financial information (10 points).

If you scored more than 100 points, you’re at high risk. You should purchase a paper shredder, become more security aware in document handling, and start to question why people need your personal data. If you scored 50–100 points, your odds of being victimized are about average, though higher if you have good credit. If you scored 0–50 points, my congratulations. You’ve got a high security IQ. Keep up the good work and don’t let your guard down now.

A NEED TO KNOW BASIS

As you can see from that test, to steer clear of identity thieves you really need to adopt a “need to know” approach to all of your personal data. In the future, someone had better prove to you why he must have any of your information before you give it to him.

You have to memorize key numbers like PIN numbers and Social Security numbers, rather than carry cards around with you. If you’re making a phone call that requires you to convey personal information, don’t do it at an open booth where someone can overhear you. Ever more popular cell phones are even more susceptible to eavesdropping, so be especially wary of passing along personal information on a phone.

It makes sense to keep a minimum number of credit cards, so that it’s easier to keep track of them. But no matter how many or few you have, make sure you check all of your financial statements carefully. So often we take a quick look at our credit card statements, and if the total seems about right, we just pay the bill and toss the statement aside.

If you don’t receive a monthly statement for any account, that could be a tip-off; call immediately and ask about it. If you’re notified that your statements are being mailed to another address that you haven’t authorized, tell the financial institution what has happened and that someone may have accessed your account. And maintain your own records of your spending. Then if you need to dispute a transaction, your records will support you.

When you order checks, refrain from putting any additional information about yourself—your address, middle name or initial—on them, since checks can be lost or stolen. I’m amazed at how many people put their Social Security number on their checks. You ask them why and they say they do it because they’re always asked for the number when they cash a check in the store, so they want to make it easy. Sure, for crooks.

Have your personal information deleted or kept private in listings such as phone books, driver and motor vehicle records, direct marketing solicitation lists, and listings by the major credit reporting bureaus.

When you’re traveling, even for brief periods, you should have your mail held at the post office or ask a friend or relative to collect it for you. Mail letters with checks and personal information in them from an office mailbox rather than from your home mailbox. My feeling is the post office ought to ask for ID before granting change of address requests, and they should at least send a card to the current address to confirm the request. Meanwhile, you should write your credit card companies and advise them not to accept any notification of an address change without verifying the change with you.

Don’t ever enter unfamiliar contests or sweepstakes, and I’m not crazy about entering even familiar ones. Any information you give to contests or charities may be sold or reproduced in ways you can’t imagine. If you get an unsolicited call offering you a credit card or prize but wants personal data like your Social Security number, ask for a written application. If they say they can’t do that, hang up. If they do send you an application, look it over carefully and make sure that it’s from a recognizable organization.

I recommend that everyone get a shredder. I have one in my house and one in my office, and I shred everything that goes into the wastebasket, no matter how innocuous it seems, but especially everything that contains any personal information about me. I assume what appears unimportant to me could be very important to a criminal. You should assume the same.

And you really have to stay on top of credit agencies, because for the most part, they take what’s fed to them and don’t verify it. And it’s all one-sided. Anyone who’s a client can send in something bad about you. But you never get asked about it. That’s the biggest problem I have with how they work. They don’t get anything from you; they get it all from who you buy stuff from. In addition, my impression is the error rate of these agencies is horrible. My name is Abagnale. That’s hard to mess up. But what if your name is Smith or Jones? A problem Joe Smith has may end up on Jim Smith’s credit report. And it’ll take a Dream Team of lawyers to get it off.

You ought to get your credit report several times a year and thoroughly check it. Michelle Brown told me she gets hers every month. There are services like Credentials Services International and Inquiry Notification Service that cost about $25 a year, that send you a collated credit report from the principal agencies—Equifax, Experian, and TransUnion—three times a year. Also, when anyone applies for credit in your name, they send you a letter notifying you. I belong to two of these services, so in case one misses something I’m hoping the other one will catch it.

Unfortunately, it’s almost impossible to get a fraudulent entry removed from your credit report. Even if you prove something is wrong, they don’t delete it. They put an asterisk next to it, and a note at the bottom that says the customer disputes this entry. How helpful.

In 2000, the government approved a bill that allows consumers and businesses to sign contracts online and know that their e-signature is just as binding as one in ink. This gives electronic signatures the legal weight of paper signatures, and makes a contract binding immediately. The law took effect on October 1, 2000, and already we have completely electronic mortgages available. I’m against the whole idea. I fear this will lead to still more identity theft. It’s too easy to steal or duplicate a e-signature. Who is going to have the signature? Who is going to store it? How will they protect it?

Under the law, a digital signature could take any of a number of forms—a string of numeric code that is encrypted or thumbprints or irises read by special devices. Because of identity theft, many Florida banks currently require non-customers to leave a thumbprint when cashing a check, and some large banks in the Orlando area are taking thumbprints from all new customers. California, Texas, and Georgia are among states that require drivers to give a thumbprint or fingerprint when they come in to get or renew a license. But if you give your thumbprint to an organization and they put it in a database, and someone breaks into that database, as they will, and steals that thumbprint, are you going to go out and get another thumbprint?

Additionally, there are ways to get around fingerprints. Impostors will coat their fingers with airplane glue, which, when it dries, covers the skin’s ridges and makes for useless fingerprints. Or they’ll spray their fingers with clear lacquer or hair spray, which congeal in the grooves and spaces of your prints.

Maybe a system that scans your iris sounds impenetrable. But what if someone knocks you unconscious and then holds your eye in front of the scanner? What if someone points a gun at you and forces you to sit in front of the iris device?

The idea of giving thumbprints or copies of your iris raises the hackles of many people, myself included, because of the privacy issues involved. We could end up with a national identity system that tracks and monitors people, and that gets me to wondering if the cure is worse than the disease. The Internet has already irrevocably altered the nature of privacy and turned us into a culture of transparency. Why make it worse?

You have to decide at what point is your personal security coming at the expense of your privacy. E-signatures mean that you’re giving out more of your identity. You have to ask why? Why do you have to surrender something else just for convenience? Why can’t you wait to overnight something? Why does everything have to be instant? Instant breakfast. Instant camera. Instant mortgage. You can’t wait a day? It has to happen in ten seconds?

WHAT THE GOVERNMENT CAN DO

If we’re serious about combating identity theft, it’s going to take a federal solution, beginning with changes in the way the Social Security number is used and the free and easy access businesses have to people’s credit reports. At the moment, the Social Security number has been ruined. When I was growing up, no one knew your Social Security number. Now it’s everywhere, and so it’s worthless for identification purposes. But it’s still being used that way.

There are steps everyone can take to safeguard their own number. Whenever someone asks for your Social Security number, you ought to make sure you know who you’re dealing with and that they absolutely need the number. If a business requests it to confirm your identity, ask if there’s an alternative number that can be used.

But these steps aren’t enough. The government needs to pass a law that will clamp down on the use of the Society Security number as a uniform identifier. A measure that would do just that has been introduced in Congress and defeated several times. It won’t help me or anyone my age or older, but it will ensure that the number will be more secure for my kids and grandchildren.

We also have to force credit-granting agencies to require more identification and buttress their credit card policies. We need to restrict the selling of personal information by credit bureaus, state and federal agencies, and marketing firms. The federal government has to take this issue up—and soon. If it doesn’t do something, so many people are going to be running around claiming to be the same person that we won’t know who anyone is.

WHERE THERE’S A WILL

In a world of wolves and sheep, I look on myself as a sheep dog. I try to make people think about things. Fraud, as it continues to grow, will really test our society. It will challenge us to decide, what is enough? We’ve come to tolerate fake luggage and an occasional fraudulent purchase assigned to our credit card, but now, with our very selves being stolen, it’s getting to crunch time.

Twenty years from now, there will be entire categories of frauds that the best science fiction writer couldn’t even imagine, just as decades ago no one would have imagined Internet fraud because no one imagined the Internet. As more and more gets done electronically, I think you’re going to see an explosion in crimes where there’s no human face you can identify. There won’t be any line-ups; who are you going to line up—e-mail addresses?

There is an undeniable appeal of scams. I understand that better than anymore. When you discover the way they work, it’s like being taken backstage at a magic show. But scams aren’t entertainment. They gnaw at the fabric of society and ruin lives. We have to look at white-collar crime as being every bit as dangerous as armed robbery.

Every day, I hear of a new fraud. I recently learned of a famous soccer star who never uses his real signature to sign checks or business documents, because so many people know his autograph that thieves are continually forging his signature. So he signs checks by printing his initials. He’s lost his signature to crooks.

I was talking to a highway patrol officer in Tennessee who specializes in automobile fraud, and he told me there are roughly twelve million classified ads run each year in the United States for used cars. About three-quarters of them are believed to have been placed by “curbstoners.” Curbstoners are con artists who buy wrecked cars and cosmetically repair them and sell them as if they’re new, or else buy leased vehicles that are only a couple of years old, but have maybe a hundred thousand miles on them. They roll back the odometers to 29,000 miles and sell them for much more than they paid. They’re called curbstoners, because if you reply to their ad, they make a point to come to you and sell you the car at the curb outside your house or office. The curbstoners are slick. They always have a story: “I just had my first kid, so I’ve got to sell this Honda so I can get a station wagon.” It’s become an enormous problem, because the titles are forged and it’s nearly impossible to trace these crooks. And when I hear that three-quarters of the classified ads for cars are frauds, that tells me there’s no way I’d ever respond to one.

I read about con artists who scan newspapers for pleas for lost dogs. They call up the distraught owners and tell them they found their pet while they were traveling and took it home with them before learning of its true home. They offer to ship the dog to them as soon as they wire the airfare. People are so ecstatic to hear that their dog has been found, they send the money.

On and on it goes, but we don’t take it seriously. Once, as a TV demonstration, I went up to a cashier at the express lane of a Kroger’s store and used the store manager’s driver’s license to cash a check. The store manager obviously had a different name. I’m white. He was black. Why bother to ask for an ID if you’re not going to take it seriously?

We sorely need stiffer penalties and real jail time for white-collar criminals. I think it’s ridiculous that if I have drugs on me I’ll get five or ten years in prison, but if I rip off $20 million I’ll probably get probation. I’ll give you another solution that I’ve been propagating without success for years. Companies don’t care enough about losses from fraud, because in most cases they can deduct a hundred percent of their losses from their income taxes. By lowering their taxes, that write-off cuts their losses significantly. Well, if Congress passed a law that said from now on businesses can deduct only half of their losses from fraud, companies would wake up and get much more proactive and fraud would decline. But who’s going to introduce such a bill, and who would vote for it?

One thing we can do without any legislation is teach our kids better ethics. I was talking with a top executive of a big company, and he told me something his teenage son confided to him. After school lets out, his son gathers with his friends in the parking lot and they take out their homework sheets. They look at the math assignment and divvy it up: “You do problems 1–5, you do 6–10, I’ll do 11–15. And then we can e-mail each other the answers.” It was a sobering discovery. The executive told his son, “You get an A for creativity and a D for not learning anything.”

I heard about high school students at another school who were counterfeiting tickets to the annual school musical and selling them. There’s hardly any money involved—but it’s the thrill of the scam. Otherwise decent kids are being corrupted, because it all seems so harmless. It’s not about lawbreaking as much as beating the system. Everyone wants to get from point A to point B as quickly as they can.

I’m not trying to overly scare you. I don’t like habitually skeptical people, and it’s not my desire to breed a country of paranoid citizens. But in this land of milk and money, I’ve seen too many cons, come across too many phony products, watched too many slick pitches. Once you become a victim of a major fraud, your whole life changes. It takes the average person two years to clear his or her credit once it’s been corrupted. And it may take a lifetime to recover from the emotional anguish.

You need to start looking at the world the way I do, with eyes wide open. Ask me when fraud will stop and the answer is never. Fraud has become one of the constants of life. To bet against its continued inroads without action being taken is a sucker’s bet. We have to decide: Do we take control of fraud, or does fraud take control of us? We have the might to reduce fraud. The question is, do we have the will?