On Christmas day, I decided to check my credit card balance online for no particular reason aside from boredom (I always seem to be alone on Christmas). To my shock, I saw my balance was totally out of whack with my spending, and I soon saw why: Someone was placing all kinds of bizarre charges on my card, including a stay at a Las Vegas casino, several dating services, Hotmail-plus accounts (three of them!) and sundry other online shit. Alarmed that I might have to foot the bill for the fraudsters, I called my credit card company and told them what happened.
It’s a lot easier to tear companies down on your blog than to praise them, but I have to say Bank of America handled the mess incredibly well. Within minutes, I was talking to a security investigator and all the charges were dropped; I was told I’d have a new card in two days. I have rarely been treated so professionally and politely by customer service people.
Of course, I’d love to know how the bastards got my data to begin with, and especially how they paid a hotel bill with a card they didn’t have in their possession.
Which leads me to a good article I just read on the idiocy of banks and every other business identifying people solely based on their Social Security numbers.
Ironically, during the first few decades that Social Security cards were issued, they contained the phrase, “Not to be used for identification.” However, since no law was passed to prohibit the use of Social Security numbers as identification, institutions, including hospitals and banks, began using the nine-digit number to identify their customers.
….
“Social Security numbers are used way too much for unnecessary reasons like identification on Medicare cards, student ID cards or driver licenses,” says Hillebrand [an attorney for the publisher of COnsumer Reports].She says that unless you are applying for a loan where they need to check your credit history or a potential employer needs your Social Security number for tax purposes, there is no reason that businesses could not use a different identifier.
“Both government and businesses need to distinguish between convenience and importance. There needs to be a standard of disconnecting ID function from credit function,” says Hillebrand.
If businesses are asking their customers to guard their personal identification to help reduce ID theft and fraud, but the businesses continue to use the Social Security numbers as their main source of identification, the businesses are doing exactly what they preach against by allowing access to these special numbers.
“It’s a bomb in the town square; it needs to be defused,” says Mark Durham of Identity Theft 911.
Another example of a glaring problem that could be easily solved if those in control would just put their minds to it. As usual, it will take an earth-shattering crisis affecting millions before anything changes.
1
By Gordon
Glad everything worked out for you, Richard. Identity theft is an ordeal that doesn’t usually go so smoothly for the victim.
December 28, 2005 @ 7:54 am | Comment
2
By yuanme
A friend and I tried to put a combined online order through. The friend’s card was denied much to our surprise (because of the limit), so I tried my card. Friend called the card company and the charge had been entered three times, I called my card company and charge was entered two times. That’s 5 times charge for one order. It was an accident and they took all the charges off. One card company mentioned something about “echoing”. I don’t know, but I’m glad it turned out all right.
December 28, 2005 @ 1:02 pm | Comment
3
By Jeffery
Richard you are much luckier than me. about 3 months ago, much money was stolen from my card by one online C2C web site. the card company told me that they are helpless on this case when i was reporting it to them because this is nothing to do with them.
December 28, 2005 @ 6:56 pm | Comment
4
By richard
Jeffrey, that’s really scary. I guess I got off easy.
December 28, 2005 @ 7:08 pm | Comment
5
By amida
Have you considered trying to get Microsoft to hand over the IP addresses of whoever’s been using the Hotmail accounts?
December 29, 2005 @ 2:32 pm | Comment
6
By richard
That’s up to the investigators. I really don’t care who it was, as long as they’re caught.
December 29, 2005 @ 6:11 pm | Comment
7
By Shanghai Slim
Richard, I was going to mention this, but I wasn’t sure if I should, but …
… the day before Christmas I happened to be changing planes in Vegas, when to my surprise I spotted Other Lisa working the craps tables!
She was swanning about, tossing around benjamins like they were crinkled paper tigers. She had a couple of conspicuous “dates” on her arm, and was loudly insisting everyone write to her at her expensive new Hotmail-Plus accounts.
When I asked her how she got the loot, all she said was “Snort!”
I’m sure it’s just a coincidence, Richard, that’s why I didn’t want to mention it …
December 30, 2005 @ 8:31 am | Comment
8
By richard
Thanks for the laugh, Shanghai, and Happy New Year.
December 31, 2005 @ 6:07 am | Comment
9
By Matt Waters
Something similar happened to me over Thanksgiving. My thief must have gotten ahold of my PIN number when I had been in a jam and used my card to withdraw some money. Apparently the guy made a fake card with all of my information, and began withdrawing large sums from ATM machines. He got close to $3,000 in cold, hard cash. Luckily, I just learned that my credit card company has finished their investigation and decided to forgive the debt. Scary stuff!
December 31, 2005 @ 4:23 pm | Comment
10
By Jeremy Pepper
Maybe I’ll run into your doppleganger at CES! 🙂
Have a happy new year, and hope all’s good.
December 31, 2005 @ 10:59 pm | Comment
11
By ACB
“the idiocy of banks and every other business identifying people solely based on their Social Security numbers.”
Maybe if you’re a white American, but that’s certainly not my experience.
A year or so after 9/11 I tryed to open up a account with a large national financial institution.
They asked me for about a million different forms of ID including my passport and proof of address/residence, then the had to send all of my data to head office and run who knows how many checks on me to ensure that I was who I said I was and that I wasn’t a terrorist.
All in all it took nearly 3 months.
The Moronic thing, I’d been banking with them for nearly 15 years, during which time they had been my main western currency holder and had proccessed about a million transactions for me. Yet they still treated me as if I were were a terror suspect.
January 2, 2006 @ 2:46 am | Comment