"For several years, we have been seeing anecdotal evidence that identity theft is a significant problem that is on the rise," said Howard Beales, director of the FTC's consumer protection bureau, in a statement. "Now we know."
The report notes since 1998, when the agency began tracking identity theft, after receiving the authority from Congress to do so, the number of complaints has doubled every year. For the first seven months of this year, 131,000 consumers complained and nearly 70,000 more are expected to follow suit by the end of 2003. That was a report compiled in 2003 imagine what the stats are on Internet Identity theft are at this time.
The studies show that from mid-2005 until mid-2006, about 15 million Americans were victims of fraud that stemmed from identity theft, an increase of more than 50 percent from the estimated 9.9 million in 2003.
The study surveyed 5,000 U.S. adults who use the Internet. The research found that identity theft victims are losing more money and getting less of it back. The average loss of funds in a case of identity theft was $3,257 in 2006, up from $1,408 in 2005. Additionally, the average loss in the opening of a fraudulent new account has more than doubled over that time, from $2,678 to $5,962.
Although he could not quantify the impact precisely, Beales said the breaches of security are costing the economy "billions of dollars."
In this day of fast acting cyber criminals, stealing identities happens in seconds. The only way to prevent identity theft is to use a proactive solution stopping Identity Theft before it happens.
The government report noted businesses that maintain information about consumers on their computers are working with the government to decrease their information security breaches. But technology industry critics complain businesses are not doing enough to protect consumers -- and prosecutors simply do not possess the resources to track all the identity theft crimes going on across the country every day.
"The operating mentality of most companies is, 'If we lose customers' personal data, we hope they don't find out about it,'" Bob Sullivan, author of a book about identity theft to be published next spring, who also writes about the topic for MSNBC.com, told UPI. "They're being negligent."
This alleged negligence manifests itself in many different ways.
"I've gotten a lot of calls from ex-hackers," Harvey Jacobs, partner at Jacobs & Associates, an Internet law firm with offices in Washington D.C. and suburban Maryland, told UPI. "They're usually computer consultants now, looking to drum up business. Their typical story is something like this: They've found a list of 8,000 credit card customer names through a back door search on a major company's server. They called the president of the firm to alert him about the risk, but nothing was done about it. That's simply carelessness. They're leaving the keys in the car, so to speak."
More malevolent hackers will simply "spoof" the identity of an authoritative individual or organization, such as the IRS, and try to trick the consumer into handing over personal data, Terry said. Or, they will try to steal the information once they sneak in through the back door of an Internet service provider or the server of a credit card company, such as American Express, she added.
Hackers also obtain passwords for online services -- such as AOL accounts -- from careless users who type in the password at an Internet cafe or coffee house. That is because hackers often install viruses on the computers to track their keystrokes, Jacobs said.
He recommended a way to avoid that: Type your password into a word processing document and cut and paste it later into the online application. "They won't be able to track that," he said.
Yet some identity thieves are very savvy and have figured out ways to obtain private information about consumers without breaking any criminal or civil laws.
"A lot of computer hackers are trolling online, or at sales, for refurbished computers, Stampp Corbin, president and CEO of RetroBox, a computer consultancy in Columbus, Ohio, told UPI. "They're buying computers that are sold 'as is' and 'where is.' That means that the person selling the computers hasn't wiped the hard drives clean. Of course, when they buy the computer, the information is then theirs. They own the property. They haven't done anything wrong to get the data."
This kind of problem is proliferating today, due to the growth of personal digital assistants, or PDAs, such as Palm Pilots, Blackberry Wireless devices, and wireless phones that double as daybooks.
"A few weeks ago, someone from Morgan Stanley (the investment bank) sold a Blackberry on E-Bay," said Corbin. "There were thousands of e-mails on there. There were also phone numbers and other, corporate information. That is just one indication of the ... data that remain on these retired computing assets."
Companies need to wipe hard drives clean of any computing device before reselling them, he said. But most do not.
"We just bought computers from a bank in the Southeast," Corbin said. "There's all kinds of information on these kinds of computers -- account information, board of directors' information, employee records."
Sullivan said he thinks the purely online retailers -- Amazon.com and Yahoo.com -- probably have the best security when it comes to handling their data assets. On the other hand, the so-called old economy companies -- banks and other financial institutions -- cause most of the identity theft problems for their customers, he noted.
"There are a lot of security holes," he added.
Consumers can protect themselves by checking their credit reports constantly. They also can report any bizarre experiences -- such as being probed by an apparent hacker looking for personal details online -- to the credit agencies and the authorities.
Except for a few high profile cases, however, consumers should not expect prosecutors to bring charges against individual hackers, Terry said, because there are too many complicated issues, such as jurisdiction over the crime and admissibility of evidence.
By Gene J. Koprowski, UPI Technology News