Chinese hackers turn to identity theft

To exploit the 'faceless society' on line is glorious

Organised Chinese fraud rings on the mainland and overseas are more likely to hack databases to compromise credit and identity details than ply the more traditional avenues of bribing bank employees favoured by their Nigerian counterparts, a federal investigator claims. "The Chinese gangs have moved into the electronic age where they're using hacking techniques and Internet theft," US Secret Service Special Agent Gregory Regan explained in testimony before the Senate Judiciary Subcommittee on Technology, Terrorism and Government Information Tuesday. Identity theft is an increasingly easy scam now that so much information is available on line, Regan warned. "The Internet makes it unnecessary for criminals to obtain identity documents," he said. The Net is creating a "faceless society" where it's easy for an identity fraudster, even one overseas, to open a credit account on line, sometimes with nothing but his victim's name and social security number, Regan observed. There were 1,147 cases of identity theft resulting in 644 convictions reported in the US during 1999 alone. The US Social Security Administration reports that over 81 percent of social security number misuse involves ID theft. Most incidents are part of some larger, organised criminal enterprise. Committee Chairman Jon Kyl (Republican, Arizona) sponsored the Identity Theft and Assumption Deterrence Act, which became law in 1998. He convened Tuesday's hearing to review the act's success and seek suggestions for its improvement. The act requires the Federal Trade Commission to assist ID theft victims, which it now does, in part, via a Web page here. In spite of recent efforts to address the problem, victims often find that recovering their identity is immensely more difficult than losing it. Witness Maureen Mitchell recalled a seemingly endless series of difficulties in sorting out her records after being vicitmised by fraudsters who ran up US $110,000 in bogus charges in her and her husband's name. Her suggestion for amending the bill would require merchants and credit agencies to develop a single, unified protocol for victim notification. "We had to submit handwriting samples to twenty different merchants; we had to submit notarised documents and affidavits. It's like filling out your tax return twenty times with twenty different sets of instructions," she observed dryly. Having considerable personal experience with filling out American tax returns, we can say without hesitation that the victim is being punished quite severely here, and can only offer our hope that the criminals might suffer half as much. ®

Sponsored: Today’s most dangerous security threats