Oprah, Call Your Broker - Internet/Web/Online Service Information

Two men allegedly tried to drain the brokerage and bank accounts of America's wealthy. Cops recently cracked the case, giving a glimpse of a quiet epidemic: Identity theft.

THE NEWS LAST WEEK THAT TWO Brooklyn men had allegedly usurped the identities of such luminaries as Oprah Winfrey, George Soros and Ted Turner to steal millions of dollars proves that no one is immune to identity theft, a range of crimes that runs from stealing credit card numbers to concocting phony personas, complete with credit reports and college degrees.

That's what the New York City Police Department's Computer Investigations and Technology Unit learned when it cracked the case of Abraham Abdallah and Michael Pugliese, the two men arrested and charged with possession of forged instruments and attempted grand larceny. In a complicated scheme, the men had allegedly obtained credit reports and other information about some of America's wealthiest individuals to access their brokerage, credit card and bank accounts. Abdallah's attorney says the fact that his client had the names doesn't mean he's guilty of the crimes.

Officials could not say how widespread the crime was and which celebrities had been targeted. What they do know was that when they arrested Abdallah March 7, they found a copy of Forbes' annual report on "the 400 richest people in America." Written into the margins of the dog-eared magazine was some of the wealthy individuals' home addresses, bank account numbers, account balances and even their mothers' maiden names, which are often used as account passwords. Although the police did not release the victims' names, sources close to the investigation say they included record mogul David Geffen, Disney CEO Michael Eisner and media powerhouse Martha Stewart.

What is known was that it all began in December, when Merrill Lynch received an e-mail requesting that $10 million be transferred from the account of Thomas Siebel, founder of the software firm Siebel Systems, to an account in Australia. The transfer would have caused an "imbalance" in Siebel's account, so the brokerage contacted him. The executive said he never made the request. Merrill Lynch then found similar requests on the accounts of other well-known clients and alerted the authorities.

While New York City police detectives and federal investigators continue to unravel the plot, some hope the case's notoriety will convince local law enforcement agencies across the country to take identity theft seriously. Like other crimes the Internet has helped to facilitate, such as securities pump-and-dump operations, credit card fraud and investment scams, ID theft is dramatically on the rise. Responsibility for policing the crime on the national level is sprinkled over more than half a dozen agencies, including the Social Security Administration, the FBI, the Secret Service, the Postal Inspector's Office and the Justice Department. Leading the multi-agency effort is the Federal Trade Commission.

In contrast to the television spotlights that shone on last week's case, FTC attorney Jim Kohm and his assistants work in quiet anonymity. Most of their work takes place in a small computer lab at FTC headquarters in Washington. The lab is crowded with attorneys and investigators surfing the Web. Bleary-eyed staffers come and go. The investigators download evidence onto Zip disks and pore over computer printouts.

Kohm is hunting for Web sites that offer to sell you someone else's identity or an entirely fake identity -- just one of the many ways that the Internet can facilitate identity theft. By themselves, the objects of the crime seem innocuous enough: Social Security numbers, addresses, birthdays and other personal data. But taken together, they allow a thief to use someone else's driver's license number, birth certificate, security clearance or even a college degree as if it were his or her own.

The tools of Kohm's trade are simple: off-the-shelf software, including Web Detective, Snagit and Sam Spade. But the team's task is overwhelming. The agency expects to receive more than 100,000 calls this year from people affected by identity theft. "It's like trying to put the toothpaste back into the tube," says Kohm.

The irony of the Internet's role in all this is that it makes so much personal data available to steal while allowing criminals to work anonymously. And after assuming a new persona, the thief exploits the Net's lightning speed to quickly use his or her new identity for profit.

Last week's incident could be the biggest scam yet in an epidemic of identity theft, which has been a federal crime since 1998. The FTC, charged with helping consumers whose identities have been misappropriated, received between 100 and 200 calls a week when it opened its toll-free help lines in November 1999. Now it gets as many as 2,000 calls a week.

During a recent surfing session, Kohm stumbled across a site that would let him buy forms to make false driver's licenses, birth certificates, student IDs, permits to carry concealed weapons, bartender cards and other types of identification materials. Some of the site's metatags -- hidden words or phrases used to help search engines identify and index a site's content -- included "illegal ID," "fake ID fraud," "forging documents" and "how to create a new identity."

The ID site offered two levels of service. The first let visitors download and print forms for free. The other provided a better quality template but required membership fees ranging from $29.99 to $49.99. Using a fake ID template from the site and a link to a Social Security number verifier program, it took FTC investigator Glen Aldridge less than 10 minutes to find a Social Security number that was issued in Utah in the birth year she was looking for. (Numerous Web sites provide information on Social Security numbers for a small fee.) Later, she was able to verify the name and address of the person with that Social Security number. Other information that was readily available online included birth date, previous address, spouse's name and telephone number.

After having her picture taken with a digital camera and downloading the forms for the licenses, Aldridge became Laney McBride of Salt Lake City and Laney McBride of Tampa, Fla. Had Aldridge chosen to, she could have opened charge accounts, obtained bank loans and applied for benefits under her new name.

As it happens, this case wasn't too hard to crack -- the site's proprietor, a Tarzana, Calif., marketing specialist named Jeremy Martinez, listed his name and address on the site. In most such cases, however, the person selling access to new identities -- or ways to create a new identity -- is difficult to find.

Martinez's attorney, Megan Gray, says her client is cooperating and notes that he shut down his site in December. "He's not doing anything wrong," Gray says. "They're novelty identifications. One was for identification for the Russian mafia. It's obviously a joke. If people want to use them for other things, such as fake driver's licenses, he's not responsible for that."

Identity theft expert David Myers compares such cases to "ghost chasing." Most of the time, someone whose identity has been stolen isn't aware of the theft until a credit card bill arrives or a collection agency comes calling. Homes and cars have been bought. Driver's licenses secured for ineligible drivers. Underage drinking facilitated. Taxes evaded. Fraudulent loans obtained. And, in the New York case, it appears that brokerage accounts have been debited.

"It's a very difficult case to work," says Myers from his Tallahassee, Fla., office, where he is in charge of the Fraudulent Identification Program for the Florida Division of Alcoholic Beverages and Tobacco. About 30 percent of the false ID documents his office seized in 2000 were obtained on the Internet, up from about 1 percent the previous year. Myers expects that figure to rise to more than 60 percent in 2001.

Until recently, identity theft was considered primarily a crime against businesses -- the banks, merchants, credit card companies and others that write off the bad debts of identity thieves. But the problem hits online retailers even harder than traditional stores because businesses that have the credit card number, but not an imprint of the card and the signature of the buyer, cannot hold the card issuer responsible. That means the unlucky online retailer has to swallow the charges.

And while a consumer's liability for unauthorized charges is capped at $50, that doesn't mean identity theft is a victimless crime. In a room full of carrels at FTC headquarters, counselors calmly answer calls to the agency's identity-theft hotline. The callers are often confused and upset.

An agitated Miami doctor calls to complain about unauthorized charges to her credit card for a purchase made online. After she canceled the card, she tried to do a little detective work, calling the merchant where the items were ordered and asking where they had been delivered. But the merchant refused to give her the information and the police refused to take a report.

Sam Bolden, a silky voiced FTC counselor, advises the doctor to call back and insist that the police take a report - even if they don't investigate. "You may need the report as proof to creditors that you didn't make the charges," Bolden tells her. Then he outlines the other things she needs to do. Call the three major credit-reporting agencies. Put a fraud alert on all credit cards and hank accounts. Check with the Social Security Administration before filing taxes this year to be sure that additional earnings from an impostor aren't attributed to her.

Besides the time and hassle factor, proving who you really are can also be part of the problem. Think about the things that identify you - your name, your Social Security number, date of birth, address and information about your personal appearance. Now, take those all away and give them to someone else. How would you prove that you are who you say you are? And how would you prove that someone else bought that Jaguar, not you?

In the most serious cases, victims have been denied employment, denied credit or even jailed because of inaccurate records created in their names.

No one is beyond the reach of identity theft. Even FTC Chairman Robert Pitofsky has been a victim. In the spring of 1999, Pitofsky's government Visa card number was stolen. Later a bill arrived for charges to television shopping channel QVC and other merchants. Pitofsky had to send a letter to Visa disputing the charges.

"You can't pay for the emotional cost," says Betsy Broder, the FTC'S assistant director for planning and information. "Those who are most harmed are the very people with the best credit reputation, who've worked hard to establish good credit and pay their bills on time." Often, that damage is irreparable.

Take the case of Nicole Robinson, a 31-year-old single mother who owns her home in Lanham, Md., and pays her bills on time. A round-faced woman with short-cropped hair, Robinson is normally far more careful than most with her personal information. She shreds receipts and bills - separating the shredded material and putting it in the trash on different days so it can't be pasted back together.

Nevertheless, in March 2000 the fraud department of Kay Jewelers notified Robinson that a San Antonio, Texas, woman was using her personal data, including her Social Security number, to get credit. The woman bought two watches and a $2,000 ring in one day, then came back the next day to get more credit. The salesman was suspicious and called the fraud department, which found out that the Nicole Robinson with that Social Security number lived in Maryland.

It turned out that the woman using Robinson's particulars also was named Nicole Robinson - but with a different middle initial. She had stolen the other Robinson's information from HMO forms processed by the company she worked for. Even after the victimized Robinson called all three credit-reporting agencies to put fraud alerts on her reports, the Texas woman bought a 2000 Mitsubishi and purchased two Dell computers for $8,000 - all using the first Robinson's information. Over three months, $36,000 worth of goods was charged and 60 inquiries made on Robinson's credit report. She was denied a bank line of credit and was unable to refinance her home because of the black mark on her record. Collection agencies began calling her at home.

For Robinson, the biggest fear is that the problems of her identity theft will be repeated indefinitely. "It will be a constant battle for me to prove I'm not her," she says. "It's like she had a key to my house. She came in and took all my things. I can't change the lock. She can come back anytime."

                      Getting To Know You, Personally
      Credit card fraud is the most popular motive in identity theft.
PURPOSE                                      PERCENTAGE [*]
To obtain or take over a credit card account        53%
To acquire telecommunications services              27%
To obtain or take over a checking account           17%
To obtain a loan                                    11%
To forge an official ID or obtain                    8%
 government benefits
(*.)TOTALS MORE THAN 100 PERCENT BECAUSE
INDIVIDUALS CAN BE VICTIMIZED IN SEVERAL WAYS.
SOURCE: THE FEDERAL TRADE COMMISSION

COPYRIGHT 2001 Standard Media International
COPYRIGHT 2001 Gale Group