The New Face of ID Theft - Interview with Linda Foley, Founder of the Identity Theft Resource Center
To help prevent these crimes - and to help banking institutions to protect their customers - Linda Foley, founder of the Identity Theft Resource Center, discusses:
Linda Foley founded the Identity Theft Resource Center with Jay Foley in 1999. The nationally recognized victim assistance and public education organization was established in response to an epidemic rise in identity theft crimes. Today, Linda is acknowledged as an expert on identity theft issues.
A former victim of identity theft, Foley has dedicated herself to assisting other victims, serving as a victim advocate and increasing public and corporate awareness of theft. An expert in all areas of identity theft victimization, Linda now focuses on family, child and domestic identity theft cases. Besides general audience and business presentations and seminars, she frequently addresses college students, parents and seniors.
Linda Foley has testified before state and federal legislative hearings, the Federal Trade Commission, Social Security Administration, California Department of Consumer Affairs, California Attorney General ID Theft Task Force, and the Department of Motor Vehicles.
TOM FIELD: Hi, this is Tom Field, Editorial Director with Information Security Media Group. The topic today is identity theft, and we are privileged to be speaking with Linda Foley, Founder of the Identity Theft Resource Center. Linda thanks so much for joining me today.
LINDA FOLEY: Thank you for having us.
FIELD: Just to get started, why don't you tell me a little bit about the Identity Theft Resource Center and your unique tie to it please.
FOLEY: Well, the Identity Theft Resource Center is a non-profit 501(c)(3) organization whose main purposes are to provide best-in-class victim assistance at no charge to consumers, and that is throughout the United States, to educate consumers, corporations, governmental agencies and other organizations on best practices to help to prevent and actually to reduce the risk of fraud and identity theft, as well as mitigation, and then to provide enterprise consulting and outsource services related to information breaches, fraud and identity theft.
FIELD: So as I understand it, you also were a victim?
FOLEY: Yes, I was a victim of identity theft. In fact, the unique tie that most of have to the Identity Theft Resource Center is almost everybody in this office has been a victim of identity theft or personally knows someone who is a victim of identity theft. So we have a very unique group of people who work with the Identity Theft Resource Center who I think make us more caring, more professional and more empathetic to the victims and consumers who call us.
FIELD: Very good. Linda, what have been sort of the greatest identity theft concerns so far in 2008?
FOLEY: Based on the calls we are receiving, the scams probably head the list. A lot of people are calling in wondering is something a scam, what do I do; I think I just responded to a scam. They are also calling a lot about what are these for-profit consumer products, are they of any value?
I think what is most misunderstood about identity theft is that it's not just a financial crime, and that a lot of these consumer products only help in the area of consumer crime. They also ask 'do I have to purchase a credit monitoring service, or if I become a victim who is going to be there to help me, and do I need to purchase a resolution service,' without understanding that there are a lot of programs out there that provide services without charge, including the Identity Theft Resource Center.
FIELD: Now Linda, given economic conditions, we hear a lot about the heightened threat and opportunistic crimes. What are your biggest concerns about identity theft as we transition into 2009?
FOLEY: We have several of them. I think as credit becomes harder to get and as we are tightening up the world of credit fraud, and the banking institutions are doing a great job of that as well as the retailers, we are going to see more check fraud because that is not nationalized as far as a merchant receives a check and has no way to confirm is this an open account or is this even an account that really exists or not.
We are seeing identity theft of children. We are seeing identity theft of the deceased; we are seeing more breaches. I don't know if it is because there are more, or people are just reporting them more. And then we have seen in the newspapers recently a lot more cyber crime, where we see large professional organized groups that are using the internet to commit identity theft and fraud.
FIELD: A couple of questions that are related for you. One, in your experience how are banking institutions doing in helping customer avoid identity theft and what can they be doing?
FOLEY: Banking institutions can be doing a lot in terms of education. Each month you send out a billing statement, and you could be including a newsletter, which explains some of the scams that are currently going on. The FBI has a sheet on scams, and we've seen some of the financial institutions that post that in their lobbies have reduced scam risk, or that their tellers are looking for problems, especially with the elderly who seem to be targeted on telephone scams. But when they see them withdrawing large quantities of money, they are asking them, 'did you just get a telephone call saying you've won something or whatever?' It sounds a little nosey, but in fact but what they are really doing is saving this person's entire security.
On the other side, banks and financial institutions have also made it harder for victims of identity theft. We are seeing them move a little more slowly in terms of helping to clear up the mess that the identity thieves have created.
FIELD: That's interesting. What have you found to be most effective? I hear a lot from the banking institutions that say that the statement stuffers don't necessarily work because they kind of get tossed out.
FOLEY: I think it depends on the format that the statements stuffers are in. If it just looks like another fold-up rather than maybe a tri-fold with great big headlines and something in color that really draw the attention of someone. If it just looks like another sheet of paper in there, I am probably going to throw it away also. People do go into banks, and that's why something on a wall saying these are the most recent scams that we've heard of do make a difference.
The other thing that we've said for years now is the banking institutions can all go together and do one advertisement and say, everyone whose logo you see on the wall behind us will never email you or call you and ask you to verify your account number or your Social Security number and that is a scam. Wouldn't that be fantastic?
FIELD: Now that seems to be something that individual institutions do, but as a consortium, as an industry, I guess you don't see that.
FOLEY: You don't see that, and that is something that would open the eyes because people are receiving these and they wonder, 'could my bank be doing that?,' so they are a told as a matter of fact across the country the financial institutions are not going to do this, and then there is no question about it any longer.
FIELD: Right. What are some things that consumers can and should be doing to help themselves and protect themselves?
FOLEY: They need to be informed about what is identity theft. They also need to understand safe information handling, to use passwords instead of mother's maiden names for instance when we are dealing with banking institutions, and to ask questions; why do you need my Social Security number? What will happen if I don't give it to you? Is there an alternate number or an alternate system that we can use to help identify me?
FIELD: That's a good point. I mean even recently going to get a new wireless device I found that they wanted a Social Security number. When I asked why, they really couldn't answer, but it is just because they have a space in their system where they are supposed to put that in.
FOLEY: Correct. So we need to be less compliant and ask more questions.
FIELD: Linda, you've been involved in this for a good deal of time now. What do you find to be most misunderstood about identity theft as it affects people now?
FOLEY: Most people believe identity theft has to do with check fraud, with someone using your existing credit card or opening up a new credit card or some of them don't even think about check fraud, but it goes far beyond that. We have younger thieves. We have people who are targeting specific populations, the elderly, children, critically ill patients, those who speak limited English for instance.
That there is criminal identity theft that people can use your information and get a job which may affect your benefit status one way or the other so that it is not just a single crime, but it is really an umbrella term for a number of different crimes, and I think the most misunderstood crimes are medical identity theft, criminal identity theft, things that relate to government issues such as welfare benefits and such.
FIELD: Now we are coming up to the turn of the year so I am going to ask you sort of a two-part question here in terms of New Year's Resolutions. In terms of banking institutions, which certainly we speak to and individuals, what are the resolutions that they should be looking at going into 2009?
FOLEY: As far as banking institutions, I think their resolution should be to audit their information handling procedures, update them and to set a written policy so that we are minimizing the amount of information that individual people see and that it is being handled in a safe way so that we are not going to continue hearing about backup tapes that are not encrypted that are being transported from one place to another.
As far as individuals go, they should resolve to have a locked mailbox. It is amazing how much postal theft is going on that leads to identity theft, so that they have a locked mailbox and they don't carry their Social Security card on their body and that they start to ask questions. Again, why do you need my Social Security number? What will happen if I don't provide it to you? How will you store it and when you don't need it any longer/ How will it be destroyed? And I think that has to do on the business side to make sure that information is destroyed appropriately, that it is encrypted and that is all part of the policy. It is updating their information and it ties into the Red Flag compliance rules anyway.
FIELD: Very good. I would be remiss if I didn't ask you, how about the Identity Theft Resource Center, what is your resolution for the New Year?
FOLEY: Our resolution at the Identity Theft Resource Center is to increase our revenues, which because we are grants- and foundation-sponsored means we have to find more people who are willing to support the cause of identity theft so that we can expand our phone system and the number of advisors that we have available. And hopefully we get out to more conferences and talk about information handling in a collaborative way because we believe that the only way that we can fight the criminal is when we work together as a team with the banking institutions, with law enforcement, with other corporations and with the consumer groups. Alone we can't accomplish anything, but united, then it is us against the criminals.
FIELD: Very Good. Linda thank you for giving us the opportunity to help spread the word.
FOLEY: Thank you.
FIELD: We've been talking with Linda Foley, Founder of the Identity Theft Resource Center. For Information Security Media Group, I'm Tom Field. Thank you very much.