Introduction There is currently a huge growing number of criminals that now do greater and more widespread damage to their victims without ever meeting them. Identity theft surfaced in the early 1990 s and turned peoples everyday transactions into a data gathering game. Bits of personal information such as bankcards, credit card accounts, income, social security numbers or just someone name, address, and phone numbers are now collected and could be used illegally by these individuals without anyone's knowledge. The purpose of this study is to investigate what is being done to help control this growing crime in North Carolina. This includes the evaluation of the identity theft policies that the banks in North Carolina have in place. The study attempted to determine which bank had better and tougher policies as well as whether or not these security policies had helped reduce identity theft complaints in North Carolina since the date of it's origin.
Background of the study Identity theft is whereby an individual obtains some piece of an unsuspecting victim's sensitive information and uses it without their knowledge to commit fraud or theft. According to the Federal Trade Commission (FTC), "people whose identities have been stolen can spend months or years and their hard earned money trying to clean up the mess the thieves have made of their good name and credit record. Some victims have lost job opportunities, been refused loans for education, housing, cars or even arrested for crimes they didn't commit." According to the FBI statistics, Identity Theft is the fastest growing crime in the U. S.'s (Tribune Business News, 2003). Identity theft thieves have perfected the art of collecting information of unsuspecting victims and now all the law enforcement agencies, as well as affected companies, are working hard to find ways to combat these issues. There are several ways that identity theft thieves gain access to your personal information.
Lost wallets, purses, stolen or lost mail used to be the main source of such private information. Mail, which sometime, includes bank statements, pre-approved credit cards, and tax papers are a source of a large amount of data. In recent years, many have been known to steal records from their employer, bribe an employee who has access to these records, or hack into the organization's computers. The less sophisticated thieves have perfected the art of "dumpster-driving" rummaging through trash. Abusing employer's authorized access to credit reports or some even playing 'landlord' has given them unauthorized access to victim's reports. Some victims have been scammed fro information by an identity thief posing as a legitimate businessperson or government official.
In the most recent news from Concord, NC (Aug. 19, 2004), the police have uncovered a more sophisticated case of ID theft. The newspapers stated, "Authorities think a portable credit card reader, or skimmer, was used to read personal information off a credit card's magnetic strip. Then those details were applied to the strip on the back of a different cared." Information gathered from various nationwide newspapers have indicated that some employees of companies that handle personal consumer information such as banks and utility companies, among others, have emailed confidential loan files to unauthorized third parties. This inappropriate employee use of email can result in identity persecution of the customer who have entrusted them with their personal data. The thieves, who now have the information they need, proceed with going on spending sprees at the expense of the victim.
They open new accounts in their name and SSN, write bad checks against a checking account or run up the charges on a credit card, then leave them unpaid. Some take out auto loans or even file bankruptcy. Due to having another person's ID, the thieves have been arrested under the name of the identity theft victim, and sometimes, not showing up for their required court appearances has resulted in an arrest warrant issued in the name of the victim. According to FTC statistics, approximately 286, 000 Americans have their identity stolen each year. A survey they released they released in September 2003 reported that 27. 3 million Americans were victims of identity theft in the last five years 4.
6 percent of the U. S. population. Nearly 20, 000 of those were from North Carolina.
A typical victim can average $800 and 175 hours in almost one year in the attempts to clean up his or her credit. Usually, the fraudulent charges can amount to about $18, 000. Businesses, such as banks, mortgage companies, and etc. are also directly affected as a result of identity theft costing them billions of dollars each year. Table 1. 1: Information retrieved from the Federal Trade Commission's Identity Theft Report, 2003 In 2003, the Carolinas, annual identity theft reports provided by the FTC has shown a substantial increase in identity theft than the national average.
The data, gathered by the Consumer Data Clearinghouse, indicated that the nation averaged a 33% increase in cases from 2002, while North Carolina had a 63% increase, with 5, 537 reported cases. Identity theft was the top consumer complaint to the FTC in 2003 for the fourth consecutive year. In table 1. 2 and Figure 1. 1, the percentages of the different kinds of identity theft add up to more than 100% because 17% of victims from North Carolina reported experiencing more than one type of identity theft. Table 1.
2: Table showing different kinds of identity theft in North Carolina, 101 Identity Theft report, 2003 Figure 1. 1: How Victims Information is Misused, FTC report, 2003 Table 1. 3: The Top North Carolina Identity Theft victims Locations, Identity Theft report, 2003 Figure 1. 2: Introduction retrieved from the Federal Trade Commission's Identity Theft Report, 2003 Why is this important? The FTC has reported in various surveys that besides educating consumers on how they can minimize their risks in this arena, the companies that handle the general public's data have to play a role in ensuring that the security of the data is not breached. A computer crime and security survey found that of 488 general companies, 77% suspected a disgruntled employee as the source of a security breach (The Computer Security Institute/FBI, 2003).
Less than a quarter of the 3, 171 U. S. companies in Information Week Research's 2004 Global Information Security Survey monitor the content of their companies' outbound e-mail messages. This constitutes a weakness in companies's security practices. Losses attributed to the theft of intellectual property cost U. S.
businesses an estimated $70 million last year (Identity Theft Survey Report, Federal Trade Commission, September 2003). In addition to disgruntled employees, former employees also pose a threat to computer-based operations. According to the Information Week information-security study, companies have had their share of security problems caused by employees. Of 1, 115 U. S. sites reporting a security breach in the past year, 30 percent suspect unauthorized employees as being behind the incident, 17 percent suspect authorized workers, and 15 percent former employees.
Statement of the Problem This increasing numbers of identity theft cases, since the late nineties, have become a growing concern for the law enforcement agency and the community as a whole. Involving the public in this warfare calls for all organizations, banks included, to get tighter policies in place and protect the integrity and security of their customer's data. This study will show whether or not the implemented policies in the local banks have helped reduce identity theft cases overall. Research Questions and Hypothesis To perform our research study, we attempted to get answers to these questions: How do North Carolina bank policies reduce the spread of identity theft? To what extent are the policies of one bank better than the policies in the others in reducing identity theft occurrence? What role can N. C.
bank consumers play in reducing the risk of becoming identity theft victims? We hoped that the responses would prove our hypothesis: the banks that have tight security policies in place have less consumer complaints than those that do not. Literature Review As stated earlier, the method of data collection was done using a survey.