Identity Theft Logo  
  widget
Introduction Methods Prevention Recovery Statistics FAQ Navigation Bottom Image  

Methods of Theft

Traditional Theft || Dumpster Diving || Online Scams
Shoulder Surfing || Skimming

In order to steal someone's identity, thieves must obtain personal information. The most common information used to steal identities is government-issued identification, such as a Social Security Number (SSN) or a driver's license.

Online Theft "Identity thieves can obtain SSNs by stealing mail where those numbers are included. They sift through the trash outside of businesses and residences in hopes of finding unshredded documents containing SSNs and other data. Dishonest employees can obtain SSNs in the workplace by obtaining access to personnel files or accessing credit reporting data bases...."
(Givens)
Written Testimony for U.S. Senate Judiciary Subcommittee on Technology, Terrorism, and Government Information
Identity Theft: How It Happens, Its Impact on Victims, and Legislative Solutions

The following sections list some methods used by thieves to steal personal information.

Arrow Traditional Theft:
This type of identity theft includes the theft of wallets and postal mail in the hopes of obtaining personal information to exploit.

Wallets often contain driver's licenses, Social Security cards, and government IDs. Some states in the U.S. even print Social Security numbers on driver's licenses. These items can be used to steal identities.

Pre-approved credit card applications are also another target of traditional theft. Some of these applications allow the applicant to specify a change of address. Someone could potentially steal an application and redirect the invoices to some other address. The thief could have a credit card in the original recipients name and the recipient may never receive the invoices.

Arrow Information (Dumpster) Diving:
According to the Wikipedia page for
dumpster diving,
Dumpster diving
also called "dumpstering" and "binning", "trashing" is a North American term to describe the practice of rummaging through commercial or residential trash to find useful free items that have been discarded.
-Wikipedia
"Files, letters, memos, photographs, IDs, passwords, credit cards and more can be found in dumpsters." The page suggests that many people often throw away this personal information with the assumption and expectation that no one will retrieve that information. Quite contrarily, thieves do employ this technique of dumpster diving to obtain information. The Consumer Protection Division of Washington State's Office of the Attorney General suggests this paper trash is "a gold mine of information for the identity thief."

Arrow Online Scams (Phishing):
Online scams, sometimes referred to as
"phishing,"
Phishing
the act of tricking someone into giving them confidential information or tricking them into doing something that they normally wouldn't do or shouldn't do.
-michigan.gov
are an attempt to obtain personal information online by impersonating a legitimate official or organization.

Several emails have circulated in recent years where the authors are posing as Nigerian representatives, suggesting the recipient of the email is entitled to a large sum of money. All these representatives ask in return are personal information and/or tax and processing fees to release the money. The reality is these individuals are merely attempting to steal money and personal information. Online Theft/Scams

Some attempted-thieves are also sending emails that resemble official bank correspondences to people's email inboxes. These phishing attempts mimic official, important notices from banks, often suggesting that the recipient's account has been violated and needs to be verified. These emails link to questionable websites that are exact or near-exact duplicates of official websites. Moreover, these sites attempt to trick visitors into providing account login information and other personal information in order to "verify" the accounts. After users enter their respective account information, the information is stored by the thieves. Victims of this type of attack may have their entire bank account emptied and their identity stolen.

More information on these particular scams and several others can be found at PCWorld.

Arrow Shoulder Surfing:

Many eyes on personal information. TechTarget.Com defines shoulder surfing as "using direct observation techniques, such as looking over someone's shoulder, to get information." This method is commonly used at ATM machines and in office environments to obtain personal information.

Arrow Occupational Abuse (Skimming):
Skimming occurs when an employee of a legitimate establishment or organization abuses his or her access to your personal information.

A common example of this method of identity theft occurs in restaurants. An individual may give his or her credit card to the serving staff to pay for dinner. While the server has the card, the server copies the information from the card to use or sell later. These thieves may even have devices, often called "skimmers," that read the data from the credit card to eliminate a paper trail.
(skimming)
About.com
Skimming: ID Theft Methods and Tactics


Skimming is not limited to restaurants, however. These types of attacks can happen anywhere employees handle personal information.

Back to the top of the page!
Prevention Techniques >>


All clipart courtesy Microsoft™ Office Online.
Authors
Valid XHTML 1.0! Valid CSS!