Ruthless ID thieves are robbing identities even from the grave, a new study has found.
Nearly 2.5 million dead people are victims of identity theft every year, according to a data analysis by fraud prevention firm ID Analytics being made public Monday.
The study offers the first hard data about a little-understood aspect of ID theft that can cause unnecessary pain and suffering to family members already dealing with loss.
ID Analytics works with dozens of credit-granting companies, such as banks and cellphone providers, to find common patterns among fraudsters as they fill out credit applications. The firm has unique insight intro fraud trends, as it screens more than 1 billion such applications annually. For this study, it considered 100 million applications filed during the first three months of 2011 and compared Social Security numbers and other information in those applications against the Social Security Administration’s Death Master File, which tracks the identities of people after they die.
Stephen Coggeshall, chief technology officer at ID Analytics, recently crunched those numbers to look for evidence that criminals were exploiting SSNs attached to the deceased. The results showed a wide-scale problem, much larger than previously believed.
Roughly 800,000 deceased Americans are deliberately targeted by criminals each year, the study claims.
In those cases, an imposter armed with a deceased person’s SSN, name and birthday tries to fully assume the dead person’s identity. ID Analytics has no information about whether or not the attempts were successful, Coggeshall said — only that the personal information was used on an application during a fraud attempt.
Meanwhile, SSNs attached to 1.6 million more dead adults find their way onto thieves’ fraudulent applications through random selection, he said. Many criminals simply guess at SSNs when filling out fraud applications and accidentally use one that’s already been issued to someone who’s now dead. ID Analytics calls them “identity manipulators” who make arbitrary variations on their own personal information to avoid fraud detection tools and randomly pick an SSN associated with a deceased person.
“This study brings to light a significant problem, as we see fraudsters intentionally using identities of the deceased at the rate of more than 2,000 per day,” Coggeshall said.
Imposters who exploit the dead are after the same things that all ID thieves crave: theft of cellphone service or the ability to open up new credit cards or take out loans, Coggeshall said.
There are obvious advantages for criminals when using a dead person’s personal information. If the fraud is initially successful, because the normal channel for discovery — a consumer who notices unauthorized charges or accounts on his or her credit history — doesn’t exist. Family members or others disposing of an estate can discover the fraud through the arrival of unexpected bills, but the usual hurdles for recovering from such fraud are even higher when a third party must call and ask for corrections.
Fighting ID theft of the dead should be easier than most other forms of identity fraud. The Social Security Administration frequently updates the Death Master File, which now contains about 40 million SSNs. Firms that issue credit should routinely check their applications against this simple list; several inexpensive products offer this service, and the file is available in several forms online (there’s even an app). But clearly, that kind of screening isn’t happening, Coggeshall said. Otherwise, criminals wouldn’t be trying to exploit the dead so frequently.
Ironically, if companies don’t check SSNs against the Death Master File, it becomes a great source for criminals to obtain identities and SSNs to be exploited.
“We have no sense of where criminals are getting the numbers, but a certain portion of them probably are coming from public sources, like the Death Master File,” Coggeshall said.
The study also hinted that seriously ill people are being targeted by criminals. There were 2 million cases of SSNs’ beingused in credit applications, with the SSN holder dying within the next two months.
“Certainly a good deal of this is not suspicious, but some fraction of these applications may be the misuse of the identities of the dying,” Coggeshall said.
RED TAPE WRESTLING TIPS
Family members already dealing with a tragedy have plenty to worry about, but identity theft of the dead is a reality they must consider, he said.
“While this is clearly a problem for businesses, surviving family members can also be the victims of this identity fraud as they are left to manage the estates of their deceased loved ones,” Coggeshall said. “It’s important for people to monitor their deceased family members’ identities for at least one year.”
It’s possible for a third party, such as a spouse, to get a credit report for a deceased person, but it’s not trivial. The bureaus will want a death certificate as proof the individual has died, and they’ll want some evidence that the requester has a right to see the information — such as a marriage license or an order showing he or she is an executor of the estate. That person can request that a “deceased — do not issue credit” notation be placed on the report, but certain hiccups can occur. If a credit account, such as a loan, is in both spouses’ names, a “deceased” flag can occasionally cause confusion.
There’s a good discussion of this issue on Experian’s website.
More details on how to freeze a loved one’s credit report are available at this BankRate.com story.