Identifying Identity Theft

Recent Federal Trade Commission (FTC) estimates show that as many as 9 million people have their identities stolen in the United States every year. Chances are you already know someone who is a victim of this crime. The economic cost to members and credit unions is staggering, and the time victims are forced to spend to fix the damage done to their credit can often be counted in years.

Both state and federal credit unions are now required to comply with the FACTA Red Flags Rules, but what should you look for? What are the red flags that might tip you off to a potential case of identity theft?

While by no means an exhaustive list, the FTC has provided examples of red flags to look for to help encourage the detection of identity theft.

Red Flags Found in Alerts, Notifications, or Warnings From Credit Reporting Agencies:

  • Either a fraud or active-duty alert has been placed on the member’s credit report
  • A notice of credit freeze in response to a request for a consumer report
  • A notice of address discrepancy
  • Patterns in the credit report that are not consistent with the member’s previous credit history, such as:
    • A recent and significant increase in the volume of credit inquiries
    • A large number of newly-established credit relationships
    • Using more of the available credit than previously, especially on newly-established credit relationships
    • Account closures for abuse of account privileges

Red Flags from Suspicious Documents:

  • The identification looks altered or forged.
  • The person does not match the picture or description on the identification. (For instance, the driver’s license lists the driver at 6’1” and 230 pounds, but the person in front of you is all of 5’ 6” and 145 pounds dripping wet.)
  • The application looks to be altered or forged, or it gives the appearance of having been destroyed and reassembled.
  • Information on the identification differs from what the person is telling you. (“That’s my old address. I just haven’t gotten my license updated yet.”)
  • Information on the identification does not match with information readily available to you, such as the signature card.

Red Flags on Suspicious Personal Identifying Information:

  • Personal identifying information does not match with information from external sources. (The address does not match what is found on the credit report.)
  • The Social Security Number (SSN) has not yet been issued by the Social Security Administration (SSA) or is on the SSA’s Death Master File.
  • The date of birth and SSN do not correspond to the number range on the SSA’s issuance tables.
  • The address is plainly bogus (for example, 1060 West Addison, for all you movie buffs).
  • The address is a mail drop or a prison.
  • The phone number is invalid or goes to a pager or answering service.
  • The person cannot provide additional identification information beyond what is generally available on a credit report or could be found in a wallet, such as not knowing their account password or security phrase.
  • The address or phone number provided has been used in other cases of known fraud.

Red Flags Related to Suspicious Account Activity:

  • A request for a new debit or credit card shortly after an address change for the related account
  • A new credit card is being used in ways that are commonly associated with fraud patterns.
    • The majority of the available credit is quickly used for cash advances, jewelry purchases, electronics, or other items that can be quickly converted to cash.
    • The customer fails to make the first payment, or makes the initial payment but does not make any further payments.
  • The account is being used in a manner that is inconsistent with established behavior.
    • Not making a payment when the member has never missed or been late on a payment before
    • Big increase in the use of available credit
    • Significant change in the purchasing or spending patterns
    • Unexplained and significant change in the use of electronic transfer features on a deposit account
  • A dormant account is suddenly in use again.
  • Mail is returned as undeliverable from the member’s address, but the account is still being used for transactions.
  • The member reports that they are not receiving their statements.
  • The member notifies you of unauthorized transactions on the account.

As part of your program to comply with the FACTA Red Flags Rule, you should establish a system for detecting red flags. You will also want to establish policies and procedures to prevent and mitigate identity theft. Regularly review and update your program as necessary.

The FTC has also provided information you can share with you members to help them deter, detect, and defend against identity theft.

Deter:

  • Shred financial documents and paperwork with personal information before you discard them.
  • Protect your SSN.
  • Do not give out personal information over the phone or internet unless you know who you are dealing with.
  • NEVER click on links sent in unsolicited emails.
  • Do not use obvious passwords.
  • Keep your personal information in a secure place.

Detect:

  • Be alert for signs that require immediate attention, such as:
    • Bills that do not arrive as expected
    • Unexpected credit cards or account statements
    • Denials of credit for no apparent reason
    • Calls or letters about purchases you did not make
    • Charges on your financial statements that you don’t recognize.
  • Inspect your credit report regularly. Visit www.AnnualCreditReport.com. This is the only free site for getting your credit reports from the three major credit reporting agencies and is managed by the FTC.

Defend:

  • If you suspect identity theft, place a “fraud alert” on your credit reports and review the reports carefully.
  • Contact the security or fraud departments of each company where an account was opened or changed that you did not initiate.
  • File a police report.
  • Report the theft to the FTC.

Identity theft truly is a case where an ounce of prevention is worth much more than a pound of cure. Early detection and prevention will save credit unions and their members from large financial costs and countless hours of work.

Visit the FTC’s identity theft website for more information and tips on preventing identity theft.

Posted in Awards.