How do they get your information

Where is all this data leaking from!?

(Image is in the Public Domain)

You should still be careful where you store documents in your house (because of family ID Theft) and what you throw away (dumpster-diving), but, thanks to the practice of Data Brokering, you have a much bigger threat to deal with. Most of the big-name companies do secondary trading in customer information making their database a trove of information on millions of potential victims at once!

There's no time in this course to explain how bad the problem really is and the potential consequences. for now, just understand that every time you shop, browse, or otherwise interact with companies like Google, Facebook, or Amazon, they silently watch and record your actions into personal profiles that they use to:

• Guide their business strategy – The trends and patterns they see in profiles can help them understand their customers and figure out what's popular and why. By itself, not such a terrible thing…
• Bin and Label Customers – Are you a savvy shopper? Companies are watching. They'll track who makes them money and who costs them and use that to determine what deals you get, prices you see, and services you quality for.
• Sell to marketers – There's a responsible and acceptable way to market to people, but I say that attacking people's fears and poor self-image isn't it.
• Give to ID thieves…

The last bullet isn't literally something they do, but it's not that far off. Companies have been caught selling profile information directly to ID Thieves and sometimes forget to make sure their employees aren't selling your data on the sly. Oops.

Even if we make the generous assumption that companies are diligently working to reduce those risks, we still have the data breach problem.

Data Breaches – The short version

Every data breach I have ever seen or heard of was due to gross negligence and not "clever hackers".

If you were an identity thief, why bother trying to build or even buy profiles yourself if you can just steal them en masse instead?

I'd bet you've heard of some of the more newsworthy breaches, but the rate and scope of data breaches is far higher than most people realize – enough that one might think we're in some kind of hacker Armageddon… if you buy into the rhetoric that the problem is hackers.

It's not.

Like a scene from a bad comedy, companies will lie on the floor coughing and bruised. They'll tell you a story about how they tried to stop them from breaking in and taking everything, but the hackers were just too strong (cue dramatic fainting scene). Quite the act.

The truth is that every data breach (that I know of anyway) including the big ones like TJX, the Office of Personnel Management, and Equifax were due to gross negligence and not "clever hackers".

It's a frustrating problem and I will teach you concrete steps and techniques to lower your risk a little bit later in this course, but for now just remember:

Building and selling detailed profiles on people is immensely profitable. There are not nearly enough legal restrictions on how data is collected and used. There is almost no accountability for breaches, even if they're caught losing your data. Basically, rampant data-brokering is the #1 reason you're at risk from ID theft today.

How they use your information

It wasn't me! It was my evil twin!

(Image used under: Fair Use doctrine)

So how does a thief use your data? Have you ever seen the "evil twin" cliche in a movie or TV show? Where someone who looks just like the main character gets into a ton of trouble, but everyone keeps blaming them? ID Theft is basically the same.

Here are some of the things your twin might be up to:

Account Theft

Think of all the things you can access online. Banking, gaming, social pages. What happens if I have enough of your private information to convince some Facebook administrator that I'm you and they unlock the account for me? What could I post that might anger your friends and family… or your boss? It's no joke… Have you heard of the "Facebook fired" stories? Where someone was fired for the things they supposedly said online?

Fun fact: there are a number of "Facebook fired" stories out there. Saying "my account was hacked" is a common excuse… but that's easier to say than prove

An ID Thief isn't likely to mess with your Facebook profile, but take that example and expand it to bank accounts, investments, or online gaming service (you'd be surprised how much digital content can be worth)? Now that you're more aware, the next time you call customer service, take note of how little of your information they require before deciding it's you.

Credit ID Theft

When I worked for retail stores, we were expected to push people to open in-store credit because:

• You are more likely to shop at a store you already have a credit card for.
• It gives them another hook to get you in the store and shopping (no-interest periods, free add-ons, etc.).
• The combination of interest and sneaking "gotchas" in the terms bring the store massive profit.

There are no consequences to store employees if the sale turns out to be fraudulent, but there is if they don't make their "numbers" for the day. Would it surprise you to know that I had managers directly look at and handle IDs that clearly had the photo replaced and fake credit cards with the ink from printing still tacky to the touch and say "looks fine, ring it up!" (spoiler alert: I didn't "ring it up").

Pro money tip: always get credit through a trusted credit union (or bank if you must) and not in-store or at the car dealer. It is possible to get a good deal, but the odds are always against you.

Employment ID Theft

If someone is out there making money, but using your name, you can be liable for taxes or fees they're not paying. If they get fired or commit a crime on the job, your name might be flagged at that company making it hard to get a job with them (which for bigger companies with lots of subsidiaries can mean a lot of closed doors!). It's also pretty hard to draw unemployment benefits when the system shows you're out there making money somewhere!

Criminal ID Theft

Bad guy is arrested. They use your information, get out on bail, then disappear. Vacationing gets a lot more fun when you have a surprise warrant for your arrest in a state you've never visited in your life.

In case you thought I was exaggerating, check out this story of a poor woman who faced both employment and criminal ID Theft.

Medical ID Theft

In one of the scariest of all, if someone uses your information to get medical services, there can be serious medical and legal consequences. What if they were treated for gunshot wounds or drug overdose (where hospitals are required to contact authorities in many states)? What happens if the wrong allergies or blood type are recorded and mixed with your records?

Bottom line

With enough information about you at my fingertips, the ways I can make your life miserable is limited only by my imagination. To prevent this, we need to cripple the ID Theft process by blocking the thieves from getting and using your information.

Comments are closed.