Rob Douglas of InsideIDTheft.info sent me a press release that could have also been appropriately titled, “Federal Indictment Proves Anyone Can Steal Your Identity by Phone:”
Steamboat Springs, CO – December 10, 2008 â€“ InsideIDtheft.info today issued a warning to U.S. consumers following a new federal indictment in New Jersey that demonstrates that anyone can rob a bank by phone.
On November 24, 2008 the U.S. Attorney for the state of New Jersey announced the arrest of multiple defendants â€œcharged with engaging in an international conspiracy to deplete millions of dollars from U.S. victimsâ€™ home equity lines of credit [HELOC] using personal information obtained through identity theft and unauthorized computer access.â€ Those named in the case are alleged to have stolen financial account information and funds by calling the bank and impersonating real customers from institutions such as Citibank, JPMorganChase, Wachovia, Washington Mutual, Bank of America, Navy Federal Credit Union, Pentagon Federal Credit Union, U.S. Senate Federal Credit Union, the State Department Federal Credit Union, and dozens of other financial institutions. Those indicted are estimated to have successfully stolen more than $2.5 million from innocent customers of banks and credit unions, and have unsuccessfully attempted to steal approximately $4 million more.
According to the New Jersey U.S. Attorneyâ€™s Office, the defendants â€œroutinely traded confidential customer information such as Social Security numbers, motherâ€™s maiden names, and online banking passwords over e-mail; impersonated bank customers through a process known as â€œsocial engineeringâ€; used technology to disguise caller identification information; and changed customer address information in bank files. Proceeds from the scheme, which currently exceed at least approximately $2.5 million, made their way to conspirators in Japan, Nigeria, Canada, South Korea, among other countries.â€
â€œThe facts as alleged by the U.S. Attorney unfortunately demonstrate that the warnings in my repeated testimonies before the United States Congress over the last decade have come true,â€ said InsideIDTheft.info editor Rob Douglas. â€œAmericansâ€™ financial accounts are not being protected by the financial industry. Anyone can rob a bank by phone.â€
Mr. Douglas, an expert on the use of social engineering and â€œpretextâ€ phone calls designed to steal financial account information and funds by phone, has repeatedly warned of the threat posed to the financial services industry by social engineering and pretext calling. Douglas is also an expert on the use of Caller ID Spoofing, also allegedly used in the NJ case. His testimonies â€“ both state and federal â€“ have resulted in a number of laws being passed. Yet, Douglas notes that â€œthe majority of banks are still easy picking for identity criminals and there is not enough being done by the financial services industry to protect the security of Americansâ€™ funds.â€
InsideIDTheft.info advises all Americans to do the following to protect financial accounts:
- Never provide account information in reply to an email or phone call purporting to be from your bank. Reputable banks will never ask you to provide information by phone or email.
- Use alphanumeric passwords and PINS for both telephone and web account access. Never use motherâ€™s maiden name or other biographical data.
- Monitor all financial accounts on a weekly basis to spot fraudulent transactions.