- News & Events
September 25, 2013
In virtually every society desecrating the dead is taboo. Notorious 19th century Scottish grave robbers Burke and Hare, who provided bodies to medical schools, were likely reviled as much for digging up the dead as for the murders they committed to fill their corpse quota.
They may not commit murder, but 21st century cyberghouls are guilty of taking the very last thing the dead own, their identities. What may be overlooked is that in addition to monetary considerations, cyberghouls often inflict great emotional pain on the ones left behind.
In a piece on hamptonroads.com, Kathy Adams writes about a family who discovered after they buried their eighteen-year-old that his identity had been stolen. This is their story:
Virginia and Kenneth Welch, like many parents, never thought about having to bury their 18-year-old son, close his accounts, settle what little there was of the community college student’s estate.
They certainly never thought about checking Gregory Welch’s credit report after his death.
But when the still-grieving parents went to file their son’s tax return a few months after his Valentine’s Day death in a Shore Drive crash, they got a surprise: someone had beaten them to it. They contacted the Internal Revenue Service and, later, the U.S. Attorney’s Office for the Eastern District of Virginia, and learned their son had been a victim of identity theft, Virginia Welch said.
They believe someone stole his identity after he died.
The crime compounded the family’s grief and added an additional burden as they worked to undo the damage. Their story is not unusual, several identity theft experts said.
While other forms of identity theft are more common, thieves will often target deceased people, trolling obituaries, taking advantage of departed relatives or misusing information from the Social Security Administration’s Death Master File, said Steven Toporoff, an attorney in the Federal Trade Commission’s Division of Privacy and Identity Protection. The file lists the Social Security numbers of people who have died and is intended to prevent fraud, but it can be abused, especially if creditors aren’t diligent about checking it, he said.
Experts said there are no good statistics on this form of the crime. Overall, identity theft victimized 8.6 million households in 2010, the most recent year for which data is available, according to the U.S. Department of Justice.
Virginians filed 6,616 identity theft complaints with authorities last year, according to FTC data. Nearly a quarter – 1,558 – were in Hampton Roads, the data said.
Identity theft cases make up about 75 percent of the workload in the Virginia Beach Police Department’s Economic Crimes Unit, Detective Jerry Cale said. The unit handles about 1,800 cases of all types a year. The number of identity theft cases grows each year, but typically the victims are still living, he said.
When the victim is deceased, the financial damage is often less severe because the person doesn’t have to work to repair his or her credit in order to take out loans or obtain credit cards, said Eva Velasquez, president and chief executive officer of the Identity Theft Resource Center, a San Diego-based nonprofit that runs a national hotline for victims and provides other free services.
She said it can take a larger emotional toll on survivors like the Welches, though.
Virginia Welch said she was never mad at her son’s friend, 19-year-old Stephen Barry Clark Jr., who was driving with Gregory Welch in the passenger seat when he lost control of his car and crashed. Clark had been speeding and pleaded guilty to involuntary manslaughter, receiving a six-month jail sentence.
But she said she is livid at whoever took her son’s identity. The family found out exactly eight weeks after his death.
“It was just kind of like being punched in the stomach,” she said. “It’s such a dishonor to our son.”
What can be done? In addition to closing all of a deceased person’s accounts, experts recommend notifying credit-reporting agencies that the person has died and asking them to place a “do not issue credit” alert on his or her file. Whoever is handling the person’s estate – typically a spouse, parent or attorney – also should check the person’s credit report for at least a year to ensure no suspicious activity crops up, they say.
The Welches said there was no indication anyone had used their son’s information before his death. They said the IRS and the U.S. Attorney’s Office have assured them they’re investigating.
Gregory Welch’s real tax refund, earned delivering pizzas last year, was worth only $10, Virginia Welch said. She said whoever filed the false one probably took the IRS for much more.
ThreatMetrix is the fastest-growing provider of integrated web fraud and cybersecurity solutions. The TrustDefender™ Cybercrime Protection Platform helps companies prevent unauthorized access to web and mobile applications, protect sensitive data, and secure transactions against account takeover, payment fraud, identity spoofing, malware, and data breaches. ThreatMetrix protects more than 1,900 customers and 9,000 websites across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government, and insurance. For more information, visit www.threatmetrix.com or call 1-408-200-5755.
To join in the cybersecurity conversation, follow us on Twitter @ThreatMetrix.
Posted by Dan Rampe
Tags: Account Takeover, Account Takeover Fraud, Bank Fraud, Botnets, CNP fraud, Cookieless Device Identification, Cookies, Credit Card Fraud, Cyber attacks, Cyber Warfare, Device Detection, Device Fingerprint, Device Fingerprinting, Device ID, Device Identification, Fraud Prevention, Hacking, Identity Spoofing, Identity theft, Malware, Malware Protection, Man-in-the-Browser Detection, MitB, Mobile fraud, Online Fraud, Phishing, PII, ThreatMetrix Cybercrime Defender Platform, ThreatMetrix Cybercrime Index, ThreatMetrix Global Trust Intelligence Network, TrustDefender Cybercrime Protection Platform, Web Fraud