Getting intimate with strangers ...

Is privacy a quaint notion from a bygone era? Never has there been a generation so willing to reveal their most intimate details to complete strangers. We share our thoughts via blogs, our private pictures via online photo albums and our personal details via social networking site. We line up by the thousands to get onto Big Brother and Idol. We bare our souls to the world and really don’t care who is watching.

But watching they are. There are those who are not interested in what is happening in your life, they just want your life.

A few years ago, I worked in a team that implemented a new fraud system for a major bank. The person in charge of the Fraud department is extremely busy. When you walk into his office, he has mug shots about 5cm by 4cm, pasted on the wall of those who have tried to commit fraud against the bank. Two walls are covered and that is from fraud attempts from that year alone.

He showed me the photo of one person who had 30 different aliases. These aliases were not just made up names but had driver’s licences, passports, the works, for each alias. I asked him how it was possible that someone could get such documentation that was clearly fraudulent. With the right information and technology, you can reproduce these forms of identification.

Identity fraud is one of our biggest problems, a problem that has been exasperated by the rise of technology and by the decline in following protocols by persons required to check the authenticity of identification (such as store clerks who at best give your signature on a credit card a quick glance). Most do not know what to look for to ensure that a piece of document, such as a drivers licence, is genuine.

In October 2007, the BBC show Watchdog showed just how easy it was to assume someone’s identity by making contact via the popular social networking site Facebook. They created a fictitious person called Amba Friend with a cartoon picture on her profile page. They then contacted 100 random users of Facebook inviting them to become friends. 35 replied even though they knew nothing about Amba.

One person who accepted Amba’s invitation was Scott Gould, 23 whose profile contained his date of birth and hometown. With these details, the Watchdog team were able to research further information on other websites. With the information they were able to obtain, the Watchdog team were able to successfully open an online bank account and credit card.

But taking precautions to protect your identity is not enough when those who handle your private information fail to follow procedures. A good friend of mine was a victim of identity theft this year. A person had responded to an ad that he placed in the trading post to sell a car. He said that he wanted the car but couldn’t come around straight away. He asked if he could make a deposit in order for my friend to hold the car. He asked for bank account details in order to transfer the funds.

My friend, being wary, gave the account number for a loan offset account that you could not make withdrawals readily. He also immediately contacted the bank to inform them of what was to happen and to look out for any suspicious transactions - all duly recorded against his details.

The perpetrator, having done some other research, using a false name and false address contacted my friend’s bank (not the bank I worked for) and had the passwords reset and the address details changed. They were on their way to taking control of the accounts. The bank employees had not followed procedures.

My friend had the foresight to monitor the accounts and saw what had happened. What was disturbing was that after my friend had everything restored, the perpetrators were able to have everything changed a further two times. My friend had to be issued with whole new accounts and now has a permanent credit watch placed on his accounts. Although he was lucky in that he did not lose any money, he wasted a great deal of time and energy, not to mention the extra cost he now has for the credit watch and the post office box that he now has all his mail directed to.

A colleague was bemoaning the other day on the red tape he had to go through to get a change of address on his drivers licence. His wife who was a signatory was required to attend an RTA office to provide proof of identity. I pointed out that this was probably necessary, as the driver’s licence has become the de facto primary source of identification, mainly because it contains a photo. If someone had fraudulently obtained a change of address, they could then take over your drivers licence. With a drivers licence, they are well on their way to gaining access to all sorts of things, such as obtaining a mobile phone, which can be used for illegal purposes, obtaining an Internet account to view illegal sites or to open a video store account and then take off with a stack of DVD’s. And whom do you think the authorities will come after?