Wednesday, January 27, 2016

Identity Theft for $6668.49!

I don’t get a lot of meaningful paper mail any more. It’s almost all junk mail. I thought this was the case with a Rogers’ envelope, but for some reason I opened it anyway. It turned out to be a bill for $6668.49. That got my attention.

It turned out to be a bill for a Rogers Wireless account. Flipping through the pages trying to figure out what was going on, my eye was drawn to a green box telling me “You saved $0.32 on your Wireless services this bill.” I was thinking I’d better save a lot more than that.

My first hope was that this was a bogus bill not sent by Rogers. But everything appeared legitimate. The web address and telephone numbers were all authentic. So, I called Rogers Wireless to see what was going on.

A helpful woman named Cynthia confirmed that this really was a bill from Rogers. She then confirmed that none of the information used to set up the account matched my information except for my name and address. So, she knew this was fraud.

It turned out that the account was only active for 2 days because the Rogers’ anti-fraud department had already shut the account down. But in those two days the fraudsters used about 3000 minutes on each of two phones.

I certainly would have preferred it if Rogers hadn’t sent me this bill at all given they knew it wasn’t my account. The bill arrived 3 weeks after the account was shut down.

My wife kept her sense of humour through this. The bogus account was a joint account in my name and someone named Maria. My wife said “So the truth finally comes out about your other wife and family.” The only part of all this that sounded good to me was that the fraudster gave a year of birth that makes me 13 years younger. I’d pay the bill if it made that true.

Cynthia directed me to Rogers’ anti-fraud department to speak to Jesse who confirmed he knew the account was fraudulent. Apparently, they see this pattern a lot where bogus accounts are used for overseas calls. It turns out that the fraudsters only needed a name and address to open the account. All the other information they provided about me was wrong. It doesn’t take a sophisticated criminal to open a phone book.

Jesse assured me that I’d get no more bills and that they would tell the credit agencies that this was fraud. I don’t have any immediate need to borrow, but I don’t need the credit agencies telling businesses that I’m a deadbeat.

So, it appears there wasn’t much I could have done to prevent this from happening. I carefully burn all paper with sensitive information on it, but it’s hard to keep people from finding out my name and postal address. Rogers doesn’t set a very high bar for preventing identity theft.

I’d prefer it if creditors were more careful giving out credit. Rogers may find it profitable to open credit accounts with no meaningful proof of identity, but the cost to me to sort this out should count for something as well. I can only imagine how much more difficult this would have been if the fraudsters had another one or two correct pieces of information about me.


  1. This is a very interesting article, could you just quote me your phone number and address so I can write a follow-up article? Too soon?

    Yeh Identity Theft is a lot easier than a lot of folks think it is.

    1. @Big Cajun Man: Identity theft is often portrayed as the work of clever thieves, but it's really businesses making cynical decisions to extend credit with flimsy proofs of identity. If losses to fraud are less than the cost of better identity checks, then they forgo the identity checks. The disruption of the lives of those whose identities are stolen aren't much of a factor in the decisions.

  2. Interesting. So a couple things.

    1) That's a lot of talking, because their aren't even 3000 minutes in two days (2 days x 24 hrs x 60 mins = 2880 mins). So literally these people talked for 48hrs straight, without sleeping? Must have really needed to catch up with their relatives!!!

    2) You actually BURN old paper? That's old school, and gives me visions of some clandestine meeting, with hooded figures gathered around, burning secret documents. I'm all for security, though. Perhaps you should shoot the documents, then shred them, then burn them.... just to be safe. ;)

    1. @Anonymous: Jesse at Rogers said something about fraudulent overseas calls. It all seemed very familiar to him, but I'm not sure what the thieves' motive was. Apparently the phones get used continuously for days.

      I just keep the paper in a stack and use a handful of it to start the odd fire in my wood stove in the winter. I wouldn't use a gun because I'd be afraid that some innocent papers would get hurt.

    2. I have been at these clandestine meetings, no hoods are worn though..

  3. At least it was only identity theft and not identity death:

    Corporations placing minimal value on customer disruption when considering cost of business is one thing, your government "killing" you for a few bucks is a whole other ballgame!

    1. @SST: Whatever problems we have, it seems that others have worse problems.

      All information large companies and governments use to make decisions is captured in computer systems. I've been trying to think of ways to capture doubt about the correctness of information. If there were some way for individuals to capture their assertion that certain online information is wrong, it would allow algorithms to improve their decision making. For example, if there is strong reason to believe that a certain person isn't actually dead, some transactions giving away property may be blocked. However, an assertion about information being wrong may itself be wrong. So, such algorithms would have to avoid overreacting to evidence that some information is wrong. This is all a tricky business.

  4. That's the thing, we might complain about how terrible our political and economic systems are (Democracy and Capitalism), but compared globally, Canadians enjoy a fairly lofty lifestyle.

    As long as humans and our irrationalities are involved in making things work, no system will ever be perfect.

  5. Years ago we had our voip phones hacked. Someone in Russia had opened up our server and was making calls to people in the U.S. telling them something about their credit card (the scam was to get them on the phone to get their card info). We caught on when people started hitting redial and asking for mastercard.

    I found it quite disturbing. There's substantial resources required to hack a voip server, start making automated calls, collect credit cards and then monetize them. This was the work of an organization not an individual.

    These days I think it's harder to find someone who hasn't been hit by this stuff than find someone who has.

    1. @Glenn: You're right that it seems everyone has some sort of story like their ATM card getting hacked or having to change credit card numbers.