Identity Thefts from the Rich and Famous
How can you be a trainee dish washer?
A trainee dish washer has been arrested in New York after allegedly using the Internet to defraud millions from US celebrities and millionaires.
According to the New York Post, which broke the story, Abraham Abdallah allegedly used Internet access at a local library and copies of Forbes magazine to steal the identities of 200 celebrities so that he could run up bills in their names online.
The 32 year-old is suspected of stealing millions of dollars from celebrities including Steven Spielberg, George Soros, former presidential candidate Ross Perot and Oracle boss Larry Ellison.
During the six months of the fraud he allegedly set up an elaborate network of post office boxes, Web-enabled cell phones and online voice mail services so that he could fool banks and avoid detection. He also used couriers to pick up goods and throw police off the scent.
The fraud was reportedly only discovered when an email request to transfer $10 million from the bank account of the founder of CRM magnate Thomas Siebel raised eyebrows at his bank, Merrill Lynch.
This tip-off allowed investigators to trace the electronic trail of fraudulent activities, which was far wider than anyone first suspected, and eventually enabled them to set up a trap at a drop off point for goods, where Abdallah was arrested.
The New York Post quotes unnamed sources who said that after Abdallah's arrest, police recovered a dog-eared copy of Forbes' "Richest People in America" list on which home addresses, cell phone and Social Security numbers, account numbers and balances - and even mothers' maiden names, were neatly jotted down.
Police are also said to have recovered notebooks and ledgers, counterfeit corporate papers, and rubber stamps.
It is believed Abdallah used the Forbes' article to draw up a list of victims about whom he subsequently obtained confidential financial information, by writing to credit reference agencies on forged corporate letterheads, bearing the names of brokerage houses.
This confidential data was allegedly enough for him to impersonate celebrities and gain access to their credit cards and other accounts at brokerage houses and investment banks.
"He's the best I ever faced," Detective Michael Fabozzi of the NYPD's Computer Investigation and Technology Unit, told the New York Post
Abdallah is charged with criminal possession of forged devices, stolen property and criminal impersonation, in a case has been taken over by federal investigators. He denies the charges.
The case is one examples so far of identity theft, which as explained in an earlier article we published about the subject (by Kevin Mitnick), is set to become a much more serious problem.
Victims pay to ensure against risk
So far the response of those in charge of managing debt risk to identity theft has being to encourage consumers to buy products that allow people to monitor what is happening to their finances more immediately.
For example, credit reference agency Equifax has introduced products like Credit Watch and Credit Profile which are allow consumers to monitor their credit standing online.
Dave Mooney, a spokesman for Equifax, said through Credit Watch US consumers (though not those in the UK) would be able to get email notification when there are changes to their credit file, rather than hearing about problems from debt collection agencies trying to recover unpaid bills. It is also rolling out products that give consumers their credit scores.
Insurance firm PromiseMark estimates identity theft affects 700,000 people annually and costs $4bn, in response to which it has introduced what it bills as a Hacker and Identity Theft Protection Plan.
This service provides fraud resolution services to hacker and identity theft victims to assist in the recovery of credit and financial losses from their online and offline accounts.
Placing the onus on consumers to protect themselves from identity theft can only be part of the solution, and merchants need to take more responsibility about tackling the issue. After all it is financial institutions, and credit reference agencies, to are responsible for extending fraudulent lines of credit in the first place. Is it too much to ask that they invest to improve their systems? ®
Sponsored: Becoming a Pragmatic Security Leader