There has been a lot of news in the media recently about identity theft and whether identity theft protection services are a necessary purchase.
One of the claims is that identity fraud isn’t as big a problem as many organisations allege and therefore products to insure against the crime aren’t necessary.
I’m not going to discuss the latter – you can draw your own conclusions, but I am going to present you with the evidence that identity fraud is a serious issue and that consumers do need to take preventative measures, whatever those measures are.
So is identity fraud a big problem?
The short answer to this is ‘yes’. Figures from the National Fraud Authority (NFA) estimate that every year in the UK identity fraud costs more than £2.7 billion to the UK economy and affects over 1.8 million people. To put these figures into perspective,
the 2009/2010 British Crime Survey reported an estimated 659,00 domestic household burglary incidents in England and Wales (July 2010). So we have more than twice the number of identity fraud victims than burglaries. The Home Office website
http://www.identitytheft.org.uk/default.asp states that "if your identity is stolen, you may have difficulty getting loans, credit cards or a mortgage until the matter is sorted out.”
Annually at CPP we resolve around 6,500 cases of identity theft; victims who need our help to prove the fraud, clear their credit file and allow them to get their lives back on track. We also take hundreds of thousands of calls to our helpline, conduct web
surveillance to look for customer details held on insecure websites or being traded online and issue tens of thousands of credit alerts to consumers informing them of significant changes to their credit files allowing early intervention to stop potential identity
fraud. One of the easiest ways to spot identity fraud is to monitor your credit status, but you have to do this on a regular and sustained basis as it’s only a ‘snapshot’ in time.
So what type of identity fraud do we commonly deal with? The most common form of is account takeover affecting over 40% of victims. Typically this is where a customer’s financial, online or mobile phone account is taken over and used. Financial account takeover
often involves funds being removed from accounts either by direct debit, payments or transfers being set up without the customer’s consent. For mobile phones, this involves upgrading an existing account for the phone or adding additional handsets.
Other types of identity fraud are fraudulent applications for credit cards, loans and mobile phones using the victim’s identity that are used to accumulate large amounts of debt. Catalogue fraud is also common; this is where goods are ordered and the victim
is charged, but never receives the goods.
Less common forms of identity theft, but fraud cases we do nevertheless help resolve on behalf of our customers include false bank accounts, benefit fraud, mortgage applications and car lease applications.
Finally one of the messages regularly reported in the media is that under the UK banking regulations consumers will be covered for financial losses provided they have not been negligent. This is true for fraud on their existing current accounts or credit
cards, for example, a fraudster steals £5,000 from your current account through a skimming attack. The bank is required to reimburse those losses as long as you haven’t been grossly negligent.
However, it is important to note that it is not always so straightforward for new lines of credit fraudulently obtained under someone’s identity. If a fraudster obtains credit, for example, a payday loan, store card or offshore loan, or goods and services
including mobile phone contracts or catalogue purchases, the theft of the individual’s identity gives the creditor a ‘prima facie’ case – evidence that is sufficient to raise a presumption of fact or establish the fact in question unless rebutted – against
the customer. In this situation the credit provider would treat the customer as liable for the debt until the customer could prove otherwise.
If the creditor looked to enforce the debt, it would be up to the customer to produce evidence to the contrary to persuade the creditor that they had been a victim of identity theft and not liable for the debt. The practical reality of the situation is that
the victim is liable unless they can establish their innocence. With some victims having multiple lines of credit taken out under their stolen identity this can be extremely time consuming and stressful.
It is clear identity fraud is a problem. The increasing use of wireless networks and smartphones that hold increasing amount of personal and sensitive financial information will undoubtedly present the fraudster with more opportunities to commit fraud. Recent
media stories about apps being infected by malware including the ‘DroidDream’ which can take command of a mobile handset and send personal details to a remote server, show personal data stored on a handset is just the latest technological innovation open to
exploitation. Furthermore the source code for the Zeus malware – a computer virus responsible for a number of high-profile infections since 2007 – has been put up for sale with a $100,000 price tag by its creator threatening to unleash a host of new Zeus variants
that need to be identified and blocked.
In light of this and many other examples, consumers do need to take protective measures to manage their identities and safeguard their personal information.