The Daily Shield is once again pleased to publish this article by Intersections’ Consumer Security Advisor, Neal O’Farrell.
I’ve always had an uneasy relationship with identity theft. I’ve spent decades fighting the crime and teaching others how to protect themselves. I’ve always assumed that would give me some degree of added protection, a free pass, if you like. But in the back of my mind I also knew that the beast could just as easily turn on me at any time.
Yesterday it finally did. During a routine check of my online bank account yesterday I found two unusual charges that didn’t make any sense. The charges were electronic transfers out of my account, were described as “Legal Order Fees” and totaled $740. But my bank provided no other explanation of what they were for, who authorized them, and where the money went.
Immediately my mind started to race. I didn’t authorize these charges and didn’t recognize them. What’s worse, I have alerts set up on my account to let me know instantly of any electronic transfers over $100. But I didn’t get an alert.
Could this be my worst nightmare – a banking Trojan like Zeus that has infiltrated my computer, accessed my account, and switched off my alerts so it could systematically drain by bank accounts without me knowing until it was too late?
And if it was Zeus, I knew I’d be in for a battle royale, because Zeus is such a clever and advanced piece of malware it would already have anticipated what my next moves would be. And what other accounts would be vulnerable?
I called my bank’s Customer Service number. They’re one of the country’s biggest banks and you’d think they’d have a Fraud Hotline, but I couldn’t find one. So after weaving my way through endless options to check recent transactions, get account balances and listen to new credit card offers, I finally spoke to a customer service representative who immediately knew what the problem was.
Without hesitation he transferred me to a supervisor who had some good news, and some not so good news. Turns out a Legal Order fee is essentially a legal garnishment of money in order to pay a judgment. And it looks like this was the State of California collecting on a tax judgment against me.
Phew, at least it’s not the dreaded Zeus. It’s just the tax man. But of course all my taxes are paid and up to date, I don’t have any judgments against me (that I know of), and I’ve never been contacted about taxes owed or ever been served. Did I make a mistake, fail to file some important tax document, make an incorrect filing?
My bank referred me to a hotline for the State of California tax people – at least they have a hotline number – and again, more good news, bad news.
Seems like someone else in California had a tax judgment against them and the paperwork had been submitted and filed using my Social Security number. Is it identity theft, I asked? No, said the tax man, probably just a human or computer error that got one digit of the real Social Security number wrong.
OK, so how alike are my number and the real number, I asked? Not even close, replied the tax man. So it probably wasn’t computer or human error, if the numbers aren’t even close. No said the tax man, probably someone used your number to avoid the courts.
So the good news is, there isn’t a judgment against me, I don’t owe any taxes, and this morning I got most of the money back. Except for $100. Which the bank says it’s keeping as a standard charge that applies even if I’m the victim.
And of course the bad news is that it looks like someone now has my Social Security number and has started to use it. Short of changing my number, could I be looking at a lifetime of worry about the next time the thief, or thieves, will try to use it? I’m glad I have Identity Guard helping out, but it could still be a major headache for years to come.
And of course it raises lots on unanswered questions that seem to suggest systemic failure all the way down:
• The tax people had my real name, address, and even driver’s license information. If it didn’t match the thief’s information, how come that red flag wasn’t noticed?
• Why didn’t the tax people try to serve me, if my SSN led them to my real home address?
• Will my name and SSN be forever red flagged by the State of California, and my name be a “known alias” for this thief?
• How did the State of California know where I bank and what my bank account number is?
And my bank isn’t off the hook either. The tax man said they contacted my bank twice to resolve the matter, once in July and then again in September. When I asked my bank why they didn’t bother to let me know what was about to happen, the call was again referred to a supervisor who explained that if I had been forewarned, I could have emptied my bank account before the money removed, and the bank might be accused of facilitating me.
Sounded reasonable, expect that the tax man said they contact the bank to try and resolve the issue with the alleged debtor (me), so they would probably want the bank to contact me and persuade me to pay my debt.
But that didn’t explain why I didn’t receive an alert after the payment had been made. My account had been set up for exactly such alerts, and there would be no legal risk to the bank to alert me after the money was gone, right? The bank had no answer for that. Or for the fact that despite having alerts set up for every transaction on my account over $100, I hadn’t received any alerts in the previous two weeks.
Apart from fighting with my incompetent bank over the last $100, the rest is all just a waiting game. I monitor my credit reports constantly so hopefully I’ll be alerted quickly if there’s any more unauthorized activity. But a thief can do so much damage with a stolen Social Security Number, my challenges go far beyond credit monitoring.
And I know exactly what victims have been talking about. It’s not about the money that was lost and reimbursed. It’s about the waiting and uncertainty, not knowing when the next shoe will drop and how long and complicated my new fight is going to be.
It’s also the worry that in some computer system – state, federal, or commercial, I have a judgment listed against me as a tax cheat. And it’s the realization that so many people failed me, from the tax man and his vast computing power, to my bank of ten years, that I’m not sure who to trust any more. Except the thief. I’m pretty sure I can trust him to be true to his nature.
Keep informed about the latest threats to your safety. Join our Facebook group.
Take the first step. Learn more about the flexible and innovative solutions from IDENTITY GUARD®.