Tips for ID’ing ID Theft

Recent estimates show that as many as nine million people have their identities stolen in the United States every year.  Chances are you may already know someone who is a victim of this crime.  The economic cost to members and credit unions is staggering, and the time victims may spend in trying to fix the damage done to their credit can often be counted in years.

Federal credit unions are now required to comply with the FACTA Red Flags Rules and while the deadline has been extended to the end of the year for state chartered credit unions, good member service demands attention to prevention.  What are the Red Flags that might tip you off to a potential case of identity theft?

The Federal Trade Commission has been nice enough to provide us with some examples of Red Flags to look for.  This is in no way an exhaustive list, but should be used as examples to help encourage the detection of identity theft.

Red Flags found in Alerts, Notifications, or Warnings from Credit Reporting Agencies:

  • Look to see if either a fraud or active duty alert has been placed on the member’s credit report.
  • Did you receive a notice of credit freeze in response to a request for a consumer report?
  • Look to see if there is a notice of address discrepancy.
  • Patterns in the credit report that are not consistent with the member’s previous credit history.  These could be things such as:
    • A recent and significant increase in the volume of credit inquires.
    • A large number of newly established credit relationships.
    • Using more of the available credit than previously, especially on newly established credit relationships.
    • Account closures for abuse of account privileges.

Red Flags from Suspicious Documents:

  • Does the identification looked altered or forged?
  • The person does not match the picture or description on the identification.  (The license says 6’1” and 230 lbs, but the person in front of you is all of 5’ 6” and 145 lbs dripping wet.)
  • The application looks to be altered, forged, or gives the appearance of having been destroyed and reassembled.  (If it’s a bunch of pieces that have been taped back together, then worry.)
  • Information on the identification differs from what the person is telling you.  (“That’s my old address; I just haven’t gotten my license updated yet.”)
  • Information on the identification does not match with information readily available to you, like the signature card.

Red Flags on Suspicious Personal Identifying Information:

  • Personal identifying information does not match with information from external sources.  (The address does not match what is found on the credit report.)
  • The Social Security Number has not yet been issued by the Social Security Administration, or is on the SSA’s Death Master File.
  • Date of birth and SSN do not correspond to the number range on the SSA’s issuance tables.
  • Address you know is bogus.  (1060 West Addison for all you movie buffs)
  • Address is a mail drop or prison. 
  • Phone number is invalid, or goes to a pager or answering service.
  • Person cannot provide additional identification information beyond what is generally available on a credit report or could be found in a wallet.  (Does not know their password or security phrase on their account.)
  • Address or phone number provided has been used in other cases of known fraud.

Red Flags Related to Suspicious Account Activity:

  • A request for a new debit of credit card shortly after an address change for the related account.
  • New credit card is being used in ways that are commonly associated with fraud patterns.
    • Majority of the available credit is quickly used for cash advances, jewelry purchases, electronics, or other items that can be quickly converted to cash.
    • Customer fails to make the first payment, or makes the initial payment but does not make any further payments.
  • The account is being used in manner that is inconsistent with established behavior.
    • Not making a payment when the member has never missed or been late on a payment before.
    • Big increase in the use of available credit.
    • Significant change in the purchasing or spending patterns.
    • Unexplained and significant change in the use of electronic transfer features on a deposit account.
  • Dormant account that is suddenly in use again.
  • Mail returned undeliverable from member’s address, but account still being used for transactions.
  • Member stating that they are not receiving their statements.
  • Member notifying you of unauthorized transactions on the account.

As part of your program to comply with the FACTA Red Flags Rule you would want to establish how you will detect red flags.  You will also want to establish policies and procedures to prevent and mitigate identity theft.  And regularly review and update your program as necessary.

The FTC has also provided information you can share with you members to help them Deter, Detect, and Defend against ID Theft.

Deter:

  • Shred financial documents and paperwork with personal information before you discard them.
  • Protect your Social Security number.
  • Don’t give out personal information on the phone or internet unless you know who you are dealing with.
  • NEVER click on links sent in unsolicited emails.
  • Don’t use obvious passwords.
  • Keep your personal information in a secure place.

Detect:

  • Be alert for signs that require immediate attention:
    • Bills that do not arrive as expected.
    • Unexpected credit cards or account statements.
    • Denials of credit for no apparent reason.
    • Calls or letters about purchases you did not make.
    • Charges on your financial statements that you don’t recognize.
  • inspect your credit report regularly.  Visit www.AnnualCreditReport.com.  This is the only free site for getting your credit reports from the three major credit reporting agencies and is managed by the FTC.

Defend:

  • If you suspect ID theft, place a “Fraud Alert” on your credit reports and review the reports carefully.
  • Contact the security or fraud departments of each company where an account was opened or changed that you did not initiate.
  • File a police report.
  • Report the theft to the Federal Trade Commission.

ID Theft truly is a case where an ounce of prevention is worth much more than a pound of cure.  Early detection and prevention will save credit unions and their members countless hours and large financial costs.

For More Information

Please visit the Federal Trade Commission’s ID Theft website for more information and tips in preventing ID Theft.

Posted in Article Post.