Threats

Stolen Lives

By Robert Lemos

Every time he goes out, Scott Sholiton worries that he might get arrested. Every time he answers the phone from an unknown number, he expects to hear a debt collection company looking to recover thousands of dollars.

More than two years after having his identity stolen, the former real estate agent does not think his life will ever be free from such concerns. The thief, still at large, has his name, Social Security number, date of birth and his annual income to within a few hundred dollars.

"Every morning when I wake up, I worry that he has taken out a mortgage in my name, a boat in my name or a car in my name," the Ohio resident says. "Already, he has arrest warrants in my name in five states that I have never been to."

Sholiton's headaches started in December 2007 when his credit-monitoring service notified him that someone had attempted to open up a $10,000 credit-card account in his name, using all the correct information. Sholiton canceled the account with Bank of America and reported the fraud to no less than five law enforcement and government agencies. However, that was just the beginning.

Two months later, Bank of America again called, asking him to pay $36,000 due on a business credit card for which he never signed. In June 2008, another bank hounded him to pay back the balance on a second credit card, this time for $13,000. By end of the summer, Sholiton had the debts canceled, but only after preparing a 12-page summary of his case to send to debtors and carrying a note from law enforcement that explains that Scott Sholiton is no longer a single person.

This is the life of an identity-theft victim, a class of society of which an increasing number of people can now claim to be a part. On average, 9 million Americans have to deal with the fraudulent use of their identity every year, according to protection firm Debix, which helped Sholiton deal with the theft of his identity.

"Earlier this decade, people read about identity theft," says Bo Holland, CEO of Debix. "By 2005, people started saying, 'That happened to my brother,' or a friend. It's moved from being a story to an experience."

Stealing from Babies
The crime takes many forms. While fraudulent charges on a victim's credit card are the most common form of financial fraud, such charges are easily removed from a victim's bill. New account fraud, which Sholiton experienced, is a far more devastating crime, taking years, if ever, to clean up.

In addition, kids' identities are increasingly put at risk. Criminals prefer basing their scams on children's information because parents are less likely to monitor their children's financial information. About 3 to 7 percent of kids’ identities -- typically, their social security numbers -- are being fraudulently or mistakenly used by someone else.

"It gives them [the thieves] a clean slate," Holland says.

A more pernicious form of identity theft is the use of another person's health insurance information.  Between 200,000 and 500,000 cases of medical identity theft occur every year, according to ID Experts, a data-breach prevention group. A fraudster will use the victim's Social Security number or insurance information to get treated at a hospital. The problem, however, is that the scam not only puts the victim's financial profile at risk, but can actually cause harm to person.

"Your medical records merge with those of the perpetrator," says Rick Kam, president and co-founder of ID Experts. "It can be life and health threatening at that point.”

A Life of Crime
Because so much is tied to a few pieces of personal information, the crime continues to be quite easy. Just ask Fred Allison.

Allison, likely not his real name, is the thief that stole Sholiton's identity. In his efforts to track down Allison and have him arrested, Sholiton learned a lot about the man: Allison ate at P.F. Chang's every week, shopped at Home Depot, and used the same gas station every week. Sholiton figures that he could have spotted his alter ego by going down to Atlanta, Ga., where Allison operated at the time, and waiting outside the restaurant or gas station.

He reported the information to the police, but nothing happened. From account documents, however, Sholiton believes that he knows how the identity thief operated.

In June 2007, the state of Ohio allowed an intern to take home a backup tape containing the income information of a million Ohio residents. The tape was stolen from the intern's car, and Ohio notified Sholiton that his information had been on the tape.

Somehow, part of that information ended up in the hands of one "Fred Allison."

Allison kicked off his identity scheme by applying for a cellular phone from Nextel in July 2007 in Sholiton's name and regularly paid the bill on time, creating a good credit record. He used that account as a reference to open up a business credit account at Dunn & Bradstreet in the name of SQL Associates. Using his good record and Sholiton's name, Allison then opened up a credit-card account for his business. Because Dunn & Bradstreet is a business credit agency, the account never showed up on Sholiton's consumer credit reports, slipping by the usual way of catching such fraudsters, the former real estate agent says.

Allison applied for two more credit cards, until in December 2007, Sholiton got wind of his activities.

Impossible Defense
Unfortunately, defending against identity theft is difficult. Until the recent downturn in the economy, the United States has relied on easy credit to fuel consumer spending. Applying for credit online, without having to appear in person, makes the crime easy. Add to that, the increase in online breaches -- typically treasure troves for online thieves -- and there is little that consumers can do about the crime.

"The trend to increasing online access has helped criminals perpetrate identity theft," said ID Experts' Kam. "The digital dust that lays around in databases and the pieces of information that reside online are accessible by anyone."

While breach-notification laws have given companies a public-relations black eye when they are forced to report a major incident, corporations and government agencies continue to leak consumers' personal information. Yet, consumers have to rely on companies to keep their information safe.

Consumers are not completely without defenses, however. They can still be stingy with their personal financial details and check their credit reports regularly or use a credit-monitoring service that does it for them. Since online thieves typically target the easiest victims, the more difficult a consumer makes it for them, the better, ID Experts' Kam says.

"If you do any number of things, such as shredding your credit-card receipts and keeping your firewalls and anti-malware defense up to date, that is very important," he says.

And while preventing identity theft might not always be possible, detecting it early is the best way to limiting the damage to your finances. Today, consumers have little choice but to keep track of their financial picture. A need that only becomes more acute for those who become a victim of identity theft.

"I can't live without a credit-monitoring service now," victim Sholiton says. "For the rest of my life, I will be checking my credit reports every month and waiting for the phone to ring saying that I have tried to open an account for $30,000."