identity theft: fallout, investigation, and prevention

Post on 21-Nov-2014

DESCRIPTION

Full slide deck from February 12, 2014 Webinar.

TRANSCRIPT

I.D. Theft: Fallout, Investigation, and Prevention

Welcome to the Financial Management Institute Webinar
Wednesday, February 12, 2014 1:00pm EST

Panel:
• Jennifer Fiddian-Green, CPA, CA-IFA, CMA, CFI, CFE, CAMS, Forensic Accounting, Investigations and Anti-Money Laundering, Grant Thornton LLP Canada
• Dt. Ian Nichol, Detective at Toronto Police Service Financial Crimes Unit

Moderator:
• Lori Glen, FBMC Executive Coordinator at Ministry of Finance, Government of Ontario

Who’s Collecting Your Data? Do you Trust them?

Jennifer Fiddian-Green
Partner, Grant Thornton

Identity Theft and Mortgage Fraud
• Received call from mortgage company collector: 'late on payments and where was the money?'
• Two properties, each with a mortgage, located in Brantford, Ontario
• Together likely worth about $360,000; registered mortgages totaled $494,060

Identity Theft and Mortgage Fraud
• Two different financing companies lent money to organized group using my name and SIN number.
• No actual interaction with the ‘customer’- transaction completed through phone call, fax, and mortgage broker.
• Other than name and SIN, all other information on file was false.

Equifax and TransUnion
• Obtained reports electronically from websites…
• Concern immediately was the number of organizations who had accessed credit information (as opposed to there being a lot of credit accounts that I was not familiar with)

Attempts Made to Obtain Financing

Interestingly… I identified 12 attempts to use my credit to obtain financing, only 2 attempts were successful. What happened in the other 10 cases?

Fraudsters learned with each attempt made (but the last two were not the successful two). The application did get better and better. In the beginning the ‘FiddianGreen’ application was likely not that sophisticated

How can you be aware of the damage
Any number of things can have already occurred:
• Money is withdrawn or transferred
• New accounts or loans have been created
• Credit cards or any goods & services ordered.
• Retail purchases

Damage to credit records and other negative impact can be irreversible

Signs of being victimized
• Creditors mentioning and requesting funds for unknown loans
• Notices of denied applications or other letters hinting at unknown activities
• Bills for goods and services
• Missing statements or mail indicating that correspondence is being diverted
• Banks contacting by email or telephone, indicating to go to branch and get a new card

How Easy is it to Obtain the Personal Information…
• Theft of mail/mail diversion
  – Completing a change of address form
  – New cheques, bank and credit card statements, promotional offers
  – Tax information/forms
• Organizations, government, businesses and institutions
  – Stealing/hacking information from employer: data on servers, screen shots, photos
  – Thieves infiltrate as employees
  – Bribing targeted employees who have access to records
  – Social engineering - “conning” information out of employees
  – "Lost" data as it is couriered, transported between locations
• Theft of credit or debit card numbers
  – “skimming” - capturing cardholder information in a data storage device

How Easy is it to Obtain the Personal Information…
• Courier carriers- lost data after pick up
• Credit reports
  – abusing their authorized access from their employer
  – posing as a landlord, employer, or someone else who may have a legal right to access your report
• “Dumpster diving”
  – rummaging through trash and dumps
• Physical theft of wallets, purses, electronic storage devices, house break-ins

…the Data is Accessible, So Many Sources…

• IT servers, where are these today? Outsourced operations, CLOUD computing

• Garbage, recycling, 'secure' document destruction

• “Phishing” and “pretexting”
  – Theft of personal information by posing as legitimate companies claiming that you have a problem with your account. Telephone and computer/email

• Keystroke logging, data copiers

The Bigger Picture
• The integrity and credibility of our systems is essential, foundational. We need to be diligent

• Protection of personal information is paramount: Organizations, credit bureaus, businesses, government need to be vigilant!

• Lending organizations need to be proactive in work undertaken to know their customer

• Managing fraud risk costs money. Where is the pendulum?

Visiting the Two Mortgage Companies
• CIBC issued the mortgage using their ‘Firstline’ branding, I was a legitimate customer at the time

• Other company- non-conforming mortgage company, they called me looking for payment, same broker had 2 other deals that resulted in ID theft, appears she was targeted by fraudsters

• Understand that both of these companies are victims.. But also unwitting enablers!

Calling the Seller!
• Within about three days I had reached a point where I knew (or thought!) the next step was to contact the seller of the properties

• Same name in each case- ‘the husband’

How Could This Happen?
• Financing/lending companies
• Appraisers
• Lawyers
• Mortgage Brokers
• Real Estate Brokers
• Credit Agencies
• Land Registry Offices
• Hot real estate market, increasing prices

So it’s about information
Minimum amount of information to impersonate someone is simply a name but access to the following can cause real damage
• Full name
• Date of birth
• Social Insurance Numbers
• Full address
• Mother’s maiden name
• Username/password for Web sites

Observations on Identity Theft

Detective Ian Nichol
Toronto Police Service
Financial Crimes Unit

Identity Theft Provision: Bill S-4
• Enacted January 8, 2010
• Recognized identity theft was not sufficiently addressed in Criminal Code
• Created new offences for acts that were related to fraud/personation, but not specifically illegal.
• Electronic interception now authorized for offences related to forgery, identity documents, and personation

New Offences Created
• Identity theft & Trafficking of Identity Information
• Personation to avoid arrest, prosecution, or obstruct justice
• Possession & trafficking of forged documents
• Make, repair, trafficking of forgery instruments, credit card forgery devices
• Possession Canada Post mailbox key
• Fraudulent re-direction of mail

Toronto Police Service & Identity Theft
• Individual offences investigated at Divisional level
• Criminal organizations dedicated to identity theft investigated by Financial Crimes Unit, Organized Crime Section
• Charge of Participation in Criminal Organization seldom laid
• Most identity theft investigations relate to Criminal Organizations, but not investigated as such

Typical Investigations by FCU/OC
• True name identity theft
• Complicit identity theft
• Payment card cloning
• Profile creation. (Not identity theft, but identity creation)

True Name Identity Theft
• Account take-overs
• True-name false account applications
• “Creations” from true identity
• Fraudulent advance tax returns
• Title theft
• Vehicle lease/theft
• Immigration fraud
• Warrant avoidance
• Avoidance of travel restrictions
• Laundering proceeds of crime

Complicit Identity Theft
• Expatriates returning home, sell identity for exploitation
• Allow account take-over & feign being “victim”

Payment Card Cloning
• Identity information (card data/PINs) unlawfully obtained through ATM/POS tampering, server breach, hacking
• Forged payment cards produced and utilized. (Victims inconvenienced, but usually assume no losses)
• “Identity Theft Light”

Identity theft is usually a group effort

Connectors & Brokers
• Middlemen with connections to persons with access to identity information, provide “players” with info sought
• Continuously developing new contacts within financial community, other private sector, and government. (wine + dine/pay per “profile”)
• Treat Identity information as a commodity.
• May do so in person, or via web
• Generally ID info is sold in “bulk”

Persons with access to Identity Information
• Bank employees
• Other corporate employees
• Government employees
• Other persons with access (Doctors office, insurance companies, etc.)

C-phone on bank call-taker when arrested

Crew leaders directing “runners”

Forgers are required

Organized crime versus networks in GTA
• Some operate within loose networks who maintain connections, but not aligned with any particular group
• Others clearly operating within criminal organizations, many of which are based outside of Canada

Web enabled criminality
• Players rely heavily on underground web for ID information
• Ability to network greatly enhanced
• Players operate internationally
• Multi-national investigations pose problems for law enforcement

• Ability to operate enhanced by web based applications that allow call spoofing, I.P. spoofing, ID shopping
• Ability to operate internationally
• Web utilized for money laundering

Hamond JINADU’s “research”

Money laundering sites
Closed by US Secret Service

Call spoofing site

I.P. Spoofing Site

Skype Message to accused in Toronto, from runner in Chile

About Prevention of Identity Theft
• Tolerance of identity theft is incentivized
• Those in a position to counter identity theft actually realize financial benefit if they allow it. (Retailers, used car dealers, jewellers)
• If approval for suspect transaction is obtained, they get paid. No incentive exists to detect or deter fraud

Social Attitudes
• “No blood, no foul”
• Non-violent, therefore, not important
• High level of tolerance towards fraud. Banks perceived as enemies. “Victims will get their money back”

Recent Identity Theft Investigations (Crim. Org Laid)
• R v MARINOV et al (Project Holiday)
• R v JINADU (Project Easy)
• R v RAMASAMY (Project Rocket)

Questions and Answers
Be sure to tune in to next month’s webinar!
• “Reflections from an International Financial Management Professional”
• Presenter: Kevin Ross
• Tuesday, March 4th, 2014
