Mobile and Tablet Marketing, Search Marketing

Scared Stiff: Identity Fraud and the Internet

LocutusJohn Stossel of ABC’s 20/20 had a fantastic show last week, Scared Stiff: Worry in America. He provided solid data speaking to the media’s impact in our lives and how it affects the public and its fear.

(He also had Stephen Dubner from Freakonomics on the show, so I had to watch it!)

The problem he identified is that most of the things we worry about aren’t really risks at all. One startling example is a comparison of having a loaded gun or a swimming pool… pools kill many more children than loaded guns. For some reason, we’re not afraid of sending our kids off to a home with a pool… but we’d never send them to a home with a loaded gun.

This week, the fear hit home with me. I’ll spare the gory details, but I joined a social networking site that had some fantastic tools for building your family relationships and having your ‘network’ take off and grow on your own. The trick to the site was that you enter all of your family and their relations to you… the application does the rest… contacting each of them to login and continue building the family. It’s an awesome application with all the right features… a viral component, a tool, a contact database, all in one spiffy little Web 2.0 package.

Here’s the rub… you enter your family’s information. I made the insanely dumb move of kicking the whole party off and putting my family’s data in there. The application then contacted each member of my family. The young folks caught right on and started building their networks. It was a different story with the older folks. You would have thought I posted my family’s passports and credit cards online for the taking! They were absolutely horrified that I would do such a thing. Horrified!

Identity theft, identity theft!!! My sanity, intelligence, and – most of all my trust – were immediately put into question. Flaming emails followed flaming emails… educating me on this incredible threat and how careless I was to put my family at risk. Though I wasn’t concerned with Identity Theft, I quickly made tracks to the company to get the data in question… and any related data… taken down immediately. That didn’t stop the scolding. I have to tell you… at 38 years old and having a decade behind me in the Industry, you would have thought I was the worst thing to happen to the net since SPAM.

I’ll be in trouble for this post as well… it’s not over anytime soon. If the case were adjudicated and ended in a public flogging, it still wouldn’t save me. I think I’m off all the wills.

John Stossel is right. This fear-mongering by business and the media is absolutely out of control. The fact is that the business of identity theft will exchange infinitely more money than actual identity theft. But it’s got the attention of creditors, government, and media so it’s going to be in the spotlight for a while. All of our data has been exposed in this evil Internet and we’re soon all to be assimilated. There’s no stopping it. We’re done. The world is ending.

Or is it?

According to statistics, 69.4% of all American households are now using the Internet. A startling 210,000,000 Americans are on the Internet now. And so is their credit card information, their credit history, maps of their neighborhoods, their social security information, their company benefits, their investments and even their (closely guarded) medical histories.

Wow… with those kinds of numbers, there must be millions of people affected by Identity Theft, right? Well… nope.

According to the FTC, there were a 246,000 cases of identity theft complaints were reported in 2006 (DOWN from 255,000 in 2005). Well that’s 1 in every 1,000 Internet Users, right?

Nope.

According to the FTC, only 1.9% of all Identity Theft complaints were made against the Internet. 4,674 people. So 98.1% of all Identity Theft complaints were not related to the Internet. Let’s do some math…. that’s 0.0022% chance of getting your Identity stolen from the Internet. Or 1 in every 45,000 people. 3 to 6% of Identity Theft happened due to data breaches at the source, with the large majority happening at financial institutions and also being stolen physically, not electronically.

I could not find a single complaint in all of the data I reviewed where the victim’s data was hacked electronically from a third party web site. Not one single complaint.

Still scared? Your odds of getting murdered or dying from a fall or dying from a car crash or even from a self-inflicted wound are greater than your odds of being a victim of Identity Fraud on the Internet. In fact, the chances of the Earth getting hit by an asteroid in the next century is greater than you being a victim of Identity Fraud on the Internet.

With that in mind, I would add that all, if not most, of those Internet Identity Fraud cases happened because of a phishing scheme… where a user logged into a fake site that was put there for the sole purpose of stealing your identity. They didn’t come from legitimate sites where people’s identities were stolen.

Why not? There are a few reasons, but the key one is that as good as the Internet is at saving your data, it’s also great at recording every single packet of information that runs through it. Have you ever noticed how quickly people get tracked down after a child pornography roundup? It’s a lot easier for someone to steal some paperwork from your local financial institution than it ever would be to try to retrieve it from the web.

To conclude… stop worrying. To the security and media companies… stop all the fear mongering! Of course I’m not advising you to use your first name as a password and leave your credit card info in your profiles, but you also don’t have to fear logging into a legitimate site and finding your bank accounts emptied the next day. It just doesn’t happen that way. There’s more important things to worry about (like having a healthy, trusting relationship with your family).

And if you happen to be a victim of any Identity Fraud, here’s some advice.

3 Comments

  1. 1

    Great post. I don’t understand why people are paranoid about putting basic information about themselves on the Internet, especially since much of that can be found through non-electronic means. For the most part, I can get people’s addresses, phone numbers, wedding dates, children’s birthdays, and in some cases their salaries — all without accessing a computer (although it could require a bit of legwork). Posting a picture of yourself online is nothing like broadcasting your SSN.

    I think the paranoia carries over into how businesses prioritize security (or maybe the statistics are that way because of it). Businesses will spend the money on an SSL certificate and firewall, but the information they capture is printed out and filed in an unlocked cabinet somewhere that anyone can access. Of course, there are a lot of businesses that handle even Internet security poorly, but I’d wager that the average small business has relatively worse security than say, a bank, when it comes to their physical office than their website.

  2. 2

    It appears TJX may prove me wrong… they did not follow credit card companies’ advise on how to protect data so their system was hacked and the credit card data was stolen. No idea as to the impact of this theft yet, but it could be the largest hack of credit card data in our Internet history!

  3. 3

    Hey Doug, thanks for the informative article. I had no realized how over-inflated the facts were until your statistics put it all in perspective. I think it still helps that people are careful with their information regardless. Little things like looking at the web address can help deter phishing (like a paypal email telling you to give them your credit card information, but the address above doesn’t have “paypal” anywhere in the name). A little common sense and caution goes a long way still.

    Nationwide VPN

Leave a Reply