Fraud & Identity Theft: More Common Than You Think

Before the advent of the internet, global electronic communications, and online databases, it was a simpler time for the world of fraud: mainly consisting of counterfeit money and documents signed with a forged signature. While these crimes caused inconvenience and loss, the extent of the damage was relatively limited in scope and financial loss compared to today. 

It was not that long ago that people did not consider themselves vulnerable to fraud and identity theft since these crimes were so rare and so financially limited in scope. Law enforcement units would only allocate a tiny portion of their budget to combat fraud and identity theft. However, thanks to technological advances in the past couple of decades, fraud and identity theft have become easier and easier to perpetrate, leaving law enforcement, as well as the general population, scrambling to play catch-up with cyber criminals.

According to the FBI, the rise of fraud and identity theft crimes are showing no signs of slowing down. Just take a glimpse at the sampling of fraud and identity theft related crimes that have occurred in the past couple of years alone:

• In March 2015, Premera Blue Cross revealed that two months earlier, they discovered that hackers had gained unauthorized access to approximately 11 million of its current and former health care customers; names, addresses, Social Security numbers, telephone numbers, birth dates - info that could be used to open accounts in victims' names - were stolen.
• In September 2014, JPMorgan Chase disclosed that in July that same year, hackers gained unauthorized access to their clients' contact information, but, thankfully, no financial data was breached. Even though no financial information was stolen in this case, it is quite unnerving that a financial firm of that size and power could be hacked at all.
• Also in September 2014, Home Depot confirmed that approximately 56 million credit cards used for in-store purchases in the United States were compromised due to a hack that ironically occurred just as they were putting the finishing touches on their 45-page playbook on how to respond to a hack. It is estimated that the breach set Home Depot back almost $62 million.
• In December 2013, Target released a press statement confirming that they had suffered a data breach in whcih a hackers had obtained unauthorized access to the debit/credit card information of approximately 40 million of its customers. To date, the breach has cost Target roughly $67 million.

In reponse to the increase of fraudulent activities brought on by identity theft, many companies specializing in 'protecting' people against identity theft have been established. However, even as specialized as these companies can be, 'protecting' people against identity theft typically amounts to no more than responding to the financial aftermath of identity theft that has already occurred. After all, if 'protecting' against identity theft was readily possible, wouldn't there be less data breaches at companies that already spend millions securing their customers' data?

Before the turn of the century, people simply didn't need to worry about large-scale data breaches- a good number of businesses still operated through good old-fashioned paperwork, not data entry. I bet you can still remember the days when you needed to tell the pizza place ahead of time that you were planning on paying with a credit card so that the delivery driver could bring the carbon paper with him/her; if you didn't, you hoped you had enough spare change around the house to pay for the pizza with cash. Unless a criminal were to break into the pizza place and copy/steal written credit card info, your financial info and identity would remain safe.

It is the same technology that allows us to place pizza orders with greater ease than ever before that gives cyber criminals opportunities to exploit any weaknesses in a financial system. The answer to this problem isn't to do away with technology- who wants things to take more time? The answer is to understand financial technology in the way criminals understand it, and to find weaknesses and strengthen them before identity thieves find a way to exploit them first.