|
By Daniel Sieberg (CNN) - September 22, 2001
FBI Director Robert Mueller has acknowledged that some of those behind last
week's terror attacks may have stolen the identification of other people, and,
according to at least one security expert, it may have been "relatively easy"
based on their level of sophistication.
Chris McGoey is a San Francisco, California-based security consultant who has
worked with numerous major retailers on combating identity theft. He's seen
hundreds of falsified IDs, and while he hasn't seen the ones used by the
alleged September 11 hijackers, he offers some insight into how they could have
been obtained.
Fake identities can be created in a couple of different ways, he says; the
perpetrators could obtain information about an actual person to get duplicate
materials, or they could establish a virtual individual from scratch. The
latter would be more difficult, says McGoey, since it would require the
creation of documents.
According to McGoey, the key information these hijackers would have needed is
Social Security numbers (often the unique identifier for business use),
driver's license numbers, and date of birth or birth certificates. From there,
they could assemble a new identity. Even a person's address or name would help
them get started. A passport or visa would be more difficult to forge, says
McGoey, but not impossible.
And since state ID such as a driver's license or birth certificate often vary by
state or county, he adds, it's almost impossible for service employees to
verify the authenticity.
"If you take an L.A. birth certificate to New York, they're probably not going
to have a clue as to whether it's official or not," says McGoey.
"Could a common criminal on the street do this stuff? No. They're not
sophisticated enough. These (the hijackers) are people who researched, planned
and studied. They likely didn't have to go to a forger to do it."
Consumers unaware
In addition to obtaining the necessary documents, these hijackers would have
needed to appear confident and collected when showing them, says McGoey.
"If you act like you know what you're doing, you're going to get by eight times
out of 10," he says.
According to the Federal Trade Commission (FTC), identity theft crimes have been
on the rise in the past year.
Adding to the difficulty for investigators is the fact that most consumers have
no idea that their personal information has been misused for more than a year,
sometimes more than five years, reads the FTC Web site. The average amount of
time before it was noticed is about 14 months.
The FTC recommends that people regularly check their credit record, keep track
of all transactions and follow up with creditors if bills do not arrive on
time. Also, they suggest that people be aware of when personal information may
be shared over a Web site and read all privacy regulations issued by a
retailer.
Violations of the Identity Theft Act of 1998 are considered a federal crime and
could be investigated by such authorities as the U.S. Secret Service, the FBI,
and the U.S. Postal Inspection Service and prosecuted by the Department of
Justice. Individual states also have separate legislation.
|
