Authored by: Robert L. Hurt
Identity theft is a growing problem in the United States and around the world. In 2014, the Federal Trade Commission (2015) received over 300,000 identity theft complaints—13% of the overall total complaints received in that year. In this article, we’ll examine the following topics on this important issue:
- What is identity theft?
- Why should academic advisors care about identity theft?
- How do people commit identity theft?
- What steps can be taken to recover from identity theft?
The article concludes with several sources for additional information on the preceding and related topics.
Nature of identity theft
Here are a few definitions of identity theft:
- “The illegal use of someone’s personal identifying information. . .in order to get money or credit.” (Merriam-Webster Online Dictionary, 2015)
- “The crime of obtaining the personal or financial information of another person for the sole purpose of assuming that person’s name or identity in order to make transactions or purchases.” (Investopedia, 2015)
- “All types of crime in which someone wrongfully obtains and uses another person’s personal data in some way that involves fraud or deception, typically for economic gain.” (United States Department of Justice, 2015)
In the context of those definitions, “personal identifying information” (PII) refers to items such as a Social Security number, driver’s license number and/or bank account/credit card numbers. Failure to keep just one of those items secure can lead to serious psychological, financial, social and economic setbacks. Once obtained, PII can be used to siphon money from the victim’s accounts, open new credit accounts, extort the victim, file fraudulent tax returns and/or divert legitimate tax refunds/other government payments to the identity thief. The actions of identity thieves often impact credit scores, which typically results in still more consequences; recovering from those consequences can take years.
Academic advising and identity theft
Regardless of institution type, position title, academic discipline or experience in the field, academic advisors should care about and be prepared to work with students on the issue of identity theft for at least three reasons:
- NACADA’s Core Values of Academic Advising (2005) elucidates six values central to the practice of academic advising:
- Advisors are responsible to the individuals they advise.
- Advisors are responsible for involving others, when appropriate, in the advising process.
- Advisors are responsible to their institutions.
- Advisors are responsible to higher education.
- Advisors are responsible to their educational community.
- Advisors are responsible for their professional practices and for themselves personally.
The core values do not limit advisors’ responsibilities to “traditional” academic matters; advisors must be prepared to interact with students holistically, developmentally and, sometimes, intrusively. The academic advisor is in a unique position to work with a student from admission to graduation—virtually no-one else can legitimately make such a claim. Given the psychological and financial stress that can be caused by identity theft, academic advisors must be prepared to advise their charges on the matter. While every academic advisor does not need to become an “expert” on identity theft, every academic advisor should have a toolkit that points students in the right direction if they have concerns/experience with identity theft.
- Academic advisors work with sensitive PII in the course of their duties. The Wisconsin Department of Public Instruction (2015) provides several examples of PII in educational contexts. Their extensive, though not comprehensive, list includes: Social Security number, driver’s license number, full name, home address, email address, and phone numbers. While some of those information items may seem innocuous on their own, they can often be combined to devastating effect by identity thieves.
- College-age students may be particularly susceptible to identity theft. Of the identity theft complaints received by the Federal Trade Commission in 2014, about 18% (roughly 37,000 cases) impacted victims in their 20's. Furthermore, college students often have active social media presences—a common source of identity theft activity. With little life experience, college students may not be aware of the importance of keeping their PII safe and secure.
In one of the classic definitions of developmental advising, Crookston (1972) wrote (emphasis added): “Developmental. . .advising is concerned not only with a specific personal or vocational decision but also with facilitating the student’s rational processes, environmental and interpersonal interactions, behavior awareness and problem-solving, decision-making and evaluation skills.” Ensuring students are aware of the behaviors that can lead to and mitigate identity theft is therefore part of the responsibility of all members of the profession.
Identity theft methods
The Center for Identity Management and Information Protection (2015) at Utica College provides an outstanding list of common identity theft methods. They include:
- Dumpster diving. Discarded mail often contains sensitive PII, and many identity thieves will go through trash cans/dumpsters in search of it. For example, consider a student who receives a “pre-approved credit card offer” in the mail; if not disposed of properly (e.g., by shredding), an identity thief could easily steal the offer letter from the trash and open an account with it.
- Mail theft. Although riskier because of its innate potential criminal penalties, identity thieves have also been known to steal mail outright. This method may be exacerbated in the workplace if mail is not secured.
- Social engineering. In social engineering, the identity thief establishes some sort of relationship with the victim, often via social media. Over time, the victim’s guard is lowered and the identity thief may be able to learn PII or other sensitive information.
- Shoulder surfing. Looking over someone’s shoulder as they access bank accounts, credit card accounts or even simple email addresses can also lead to identity theft. Therefore, everyone should take care that they are not being observed when completing such tasks in public places.
- Skimming. Skimming devices that capture electronic information can be attached, often innocuously, to ATMs, cash registers and other devices. Once captured, the information can be used to perpetrate identity theft.
- Pretexting. Once an identity thief learns some small information detail, the thief may use that information to “bait” the victim into releasing more. For example, proud grandparents often post pictures of their grandchildren on social media sites; an identity thief could then learn the names and histories of the grandchildren and use them to defraud the grandparent.
- Phishing. Cell phones, social networks, email and other tools can be used to trick someone into revealing PII. The now infamous “Nigerian email scam” is an example of phishing.
While some items in the preceding list require some form of information technology to execute, many do not; thus, even the rare student who has little/no online presence can be burned by identity theft schemes.
Transunion, one of the three major credit reporting agencies, suggests seven steps to recover from identity theft (2015):
- Place a fraud alert through one of the three national credit reporting agencies: TransUnion, Experian or Equifax. Contacting one agency requires that agency to inform the other two. An initial fraud alert can be for as little as 90 days, but can be extended for years.
- Request a copy of credit reports regularly. Everyone is entitled to one free copy of their credit report from each reporting agency once annually. The reports are requested through the agency’s web sites; they can be accessed all at once, or serially throughout the year.
- Review the credit report in detail. Potential victims of identity theft should be especially alert to reported accounts they did not open, debts they do not recognize and similar data.
- Contact the credit reporting agencies to dispute erroneous items on the report. While the dispute may be reported by phone, the best course is to keep a record by disputing via the mail.
- Cancel any accounts that have been compromised. This step applies to banks, credit card companies and other businesses. The identity theft victim should close each compromised account and open a new one with a new account number.
- Create an identity theft report (ITR). The ITR comprises two separate documents: an affidavit with the Federal Trade Commission and a police report. The FTC affidavit should be completed first, then shown to the police department as the basis for their report. The FTC web site (www.ftc.gov/complaint) provides details on completing the affidavit.
- Monitor credit in an ongoing way. Placing a fraud alert (as described in Step 1) is a good start, but credit reports should also be accessed and reviewed regularly.
Of course, “an ounce of prevention is worth a pound of cure.” But, even experienced professionals have fallen victim to identity theft scams. Advisors should deal with students in a compassionate way, rather than shaming them.
The villainous Iago said to Othello (Shakespeare, 1622, 3.3.166): “He that filches from me my good name robs me of that which not enriches him and makes me poor indeed.” Identity theft experts would likely amend the Bard’s words, since the act of “filching” someone’s identity does enrich the identity thief while making the victim “poor indeed.”
References and further reading
Center for Identity Management and Information Protection (2015). Identity crimes: most common schemes. Retrieved from http://www.utica.edu/academic/institutes/cimip/idcrimes/schemes.cfm.
Crookston, B. (1972). A developmental view of academic advising as teaching. Journal of College Student Personnel. (13), 12-17.
Federal Trade Commission (2015). Consumer sentinel network data book for January – December 2014. Retrieved from https://www.ftc.gov/system/files/documents/reports/consumer-sentinel-network-data-book-january-december-2014/sentinel-cy2014-1.pdf
Investopedia (2015). Definition of identity theft. Retrieved from http://www.investopedia.com/terms/i/identitytheft.asp
Merriam-Webster Online Dictionary (2015). Definition of identity theft. Retrieved from http://www.merriam-webster.com/dictionary/identity%20theft
NACADA (2005). NACADA statement of core values of academic advising. Retrieved from the NACADA Clearinghouse of Academic Advising Resources Web site:http://www.nacada.ksu.edu/Resources/Clearinghouse/View-Articles/Core-values-of-academic-advising.aspx
Shakespeare, W. (1622). Othello. Retrieved from http://nfs.sparknotes.com/othello/page_142.html.
Transunion (2015). Transunion’s identity theft protection and recovery guide. Retrieved from http://www.transunion.com/personal-credit/identity-theft-and-fraud/Protection-Recovery-Guide.page.
United States Department of Justice (2015). Identity theft and identity fraud. Retrieved from http://www.justice.gov/criminal/fraud/websites/idtheft.html
Wisconsin Department of Public Instruction (2015). DPI personally identifiable information examples. Retrieved from http://wise.dpi.wi.gov/sites/default/files/imce/wise/pdf/PII%20list%20of%20Examples.pdf