Identity Thieves Cheat 27 Million in United States
FTC survey cites crime spike, though not all in cyberspace.
Grant Gross, IDG News Service
WASHINGTON -- About 27.3 million U.S. residents have been victims of identity theft in the past five years, according to a Federal Trade Commission survey, but it's unclear how many of those crimes occurred through technological means such as the Internet.
The FTC estimates that 9.9 million U.S. residents have been victims of identify theft during the past year. Businesses and financial institutions lost $48 billion during that time, while consumer victims report $5 billion in out-of-pocket expenses. The phone survey of more than 4000 adults in March and April is the government's first comprehensive attempt to determine the number of victims and the cost of identity theft.
Some Surprises
"It was considerably higher than I expected," says Howard Beales, director of the FTC's Bureau of Consumer Protection. "In planning this survey, we did the sample as large as we did because we thought we were going to have a hard time finding victims. Unfortunately, that's not the case."
The FTC's numbers are higher than most previous estimates of identity theft. A Gartner survey released in July found that there were 7 million victims of identity theft in the previous year, while the FTC received about 380,000 complaints about identity theft in 2002. An Internet survey by Privacy and American Business, released in July, found that 33.4 million U.S. residents have been victims of identity theft since 1990.
Nearly half--49 percent--of those who said they were victims of identity theft in the past five years didn't know how the thief obtained their information. Though 23 percent blame a theft, the theft could range from a credit card statement stolen from a garbage can to a hacker lifting credit card numbers from an e-commerce site. Another 13 percent say that the thief obtained the personal information through a transaction of some kind, possibly a Web transaction.
Beales notes that the FTC has been involved in several attempts to prevent identity theft online.
In July, the FTC settled a civil action against a 17-year-old Californian who allegedly tricked America Online subscribers into releasing their credit card numbers and other information on a bogus Web site presented as AOL's billing center. In June, the FTC settled a case with clothing and accessory vendor Guess, which was accused of failing to take appropriate measures to secure its Guess.com Web site.
Safe Surfing
Still, Beales doesn't cite the Internet as the source of most acts of identity theft. Nothing in the report suggests that online transactions with trusted Web sites are dangerous, he says.
"We don't know of any problems that have resulted from consumers who shared information with a secure Web site that uses [Secure Sockets Layer] encryption to transmit information," he says. "There clearly are hazards on the Internet, because consumers can end up at a site that is not what they think it is."
Consumers should be careful when they get e-mail asking them to click on a link and update their data online. In many cases, the request is part of a scam sometimes called "phishing," similar to the scheme employed by the California teen. Consumers who think they have legitimate billing issues should go to a site directly instead of following an e-mail link, Beales says.
"Clicking on the link could take you anywhere in cyberspace, and then you don't know what will happen," Beales adds.
Survey Findings
The FTC report defines identity theft to encompass incidents as diverse as using another person's name to try to gain government benefits or to open a credit card account. About 4.6 percent of the people surveyed said that they were a victim of some kind of identity theft in the previous year, with 3.1 percent of those surveyed saying that the thieves got access to existing credit cards or other accounts. Another 1.5 percent of the people surveyed said that someone tried to open new accounts in their name.
The average out-of-pocket expense per victim was $500, which might include attorney fees or absorbing the losses, Beales says. On average, each theft obtained $4800 per victim.
When thieves gained access to existing accounts, 67 percent of the accounts were credit cards. Another 19 percent were checking or savings accounts, 9 percent were for telephone service, and 3 percent were for Internet service.
Also this week, the Information Technology Association of America launched an antitheft effort, the Coalition on Online Identity Fraud, to combat identity theft online. Greg Garcia, ITAA's vice president for information policy, praises the FTC's report. His group plans to work with the U.S. Congress and the FTC on ways to combat identity theft.
"The fact that they're getting their hands around the problem is the first step...in stamping this down," Garcia says.
