Identity theft down but cost skyrockets

Identity theft related to credit and debit cards dropped by 28% in 2010 over 2009--but the out-of-pocket cost to victimized consumers rose by 68%.

FBI details most difficult Internet scams

The "2011 Identity Fraud Survey Report," from Javelin Strategy & Research, is based on a survey of 5,004 adults, and concludes there was a steep drop in the number of identity fraud victims, mainly due to a drop in fraud associated with existing payment cards. Payment-card fraud dominates but the report also includes checking-account fraud and other non-card fraud.

The study indicates that the number of identity theft victims fell about 3 million in 2010 over 2009. The report says total dollar amounts dropped by 34% from $56 billion in 2009 to $37 billion last year. The mean fraud amount per victim dropped from $4,991 in 2009 to $4,607 last year.

12 "White Hat" hackers you should know

Last year there was a year-over-year rise in the mean out-of-pocket cost to those who did suffer payment-card-related fraud, from $335 in 2009 to $565 last year. Resolution of an identity fraud problem increased from 21 hours to 26 hours in 2010. Credit-card only victims are said to be 57% of the existing card totals examined in 2010, down from 65% in 2009, "while the number of debit-only fraud victims grew to 36% in 2010, up from 26% the previous year."

The report defines consumer costs as any unreimbursed monetary losses and lost wages, legal or credit-monitoring costs related to resolving the fraud.

The rise in consumer costs is believed to be due to a rise in new accounts fraud, where a criminal steals identity information and opens a new payment-card account.

"New account fraud not only is harder to detect and resolve but creates fraud victims who are more negatively impacted by identity fraud," the report states. The study went onto state 14% of U.S. fraud victims in 2010 reported their personal information stolen by a family member, friend, co-worker or other person they knew -- with the mean fraud amount significantly higher at $8,233.

Not surprisingly, those who were notified about a data breach were more likely to suffer identity theft. In 2010, there were 407 publicly reported incidents of a data breach at U.S. firms, for a total of 26 million exposed records. This was dramatically down in comparison to 2009 when there were 607 instances and 221 million known records exposed.

The report credits serious adoption of the Payment Card Industry data-security standard among retailers and the fact that notorious credit-card thief and hacker Albert Gonzalez and his crew were successfully prosecuted by the U.S. Justice Department.

The report also points out the danger of fraud and social networking sites.

"People using social networking for five or more years are twice as likely as those newer to social networking sites to suffer identity fraud (6.9% for five-plus-year users vs. 3.2% for newer users vs. 3.4% for non-users)," the report states.

The report says "users of LinkedIn, not Facebook or MySpace, are more likely to be victims of fraud involving their full name, Social Security number, physical address, credit-card number and PIN on their credit card. This correlation may be because LinkedIn is a more professional social network, whose members have higher incomes than Facebook members and thus are more likely targets."

Javelin has conducted its survey and study on identity theft and payment cards for eight years and this time the research firm takes a look at the country's overall economic health across the years to try and find patterns.

Regardless of security innovations in fraud control, the simple truth may be that poor people steal more in times of greater need.

"As retail sales go up, the identity fraud rate sinks. When retail sales decrease, the identity fraud rate rises," the report concludes.

In addition, fraud trends differ state by state. The 11 states showed increases in fraud over 2009 include Alabama, Alaska, Arizona, Florida (said to be the worst), Kansas, Michigan, Nebraska, New Jersey, North Carolina, Utah and West Virginia.

Read more about wide area network in Network World's Wide Area Network section.

This story, "Identity theft down but cost skyrockets" was originally published by NetworkWorld.

Insider: How the basic tech behind the Internet works
Join the discussion
Be the first to comment on this article. Our Commenting Policies