What is Identity Theft?

Identity theft is just one of many identity-related crimes but because of the media coverage it generates it is often perceived as the only identity-related crime. This book will explain the differences between the various types of identity crimes and will offer practical advice about how to protect yourself, what to do if your identity is stolen, and where to get further help.

Identity fraud is the UK’s fastest growing crime. It affects individuals, government departments and private sector organisations and is estimated to currently cost the UK economy around £2 billion per annum. With just a few of your personal details, criminals can open bank accounts, buy expensive goods, claim benefits, obtain credit cards, loans and mortgages and apply for passports and driving licences – all in your name. They can also claim the identity of deceased people, including children, which can be extremely distressing to family members.

Your identity is extremely valuable and should be safeguarded at all times, but most people are unaware of how easily it can be stolen or compromised. If you do become a victim, then reclaiming your identity and restoring your financial status can be a lengthy, time-consuming and emotionally draining experience. Fortunately, there are a number of simple preventive steps that you can take to protect it from criminals.

TYPES OF IDENTITY CRIME

There are many ways that your identity can be stolen and there are many ways that your identity can be used. This can often lead to confusion when attempting to differentiate between the various types of identity-related crimes. To help clarify the situation, the Home Office Identity Fraud Steering Committee (IFSC) has developed a series of definitions as follows.

Identity crime

This encompassing term is used to describe the three main types of identity related crime that are committed against private individuals. These are identity theft, creating a false identity and committing identity fraud. Criminals and fraudsters use a combination of scams and schemes to commit identity crime and these will be explored throughout this book.

Identity theft

Identity theft occurs when criminals acquire enough of your personal details to either assume your entire identity or to create a new and fictitious identity based on your details. This information includes:

- your name
- date of birth
- current or previous address
- mother’s maiden name
- National Insurance Number.

False identity theft

As the name implies, a false identity is one that has never existed before. This can be created in one of two ways: either a completely new identity can be produced from counterfeit documents or a fictitious identity can be created from genuine documents that have been altered. A false identity can be used to:

- hide from the authorities
- avoid existing legal and financial obligations
- continue with fraudulent activities
- conceal a criminal past
- work with children (this may be necessary if the fraudster has been convicted of a criminal offence).

Identity fraud

Identity fraud is - used to describe crimes committed whereby a false or existing identity is used to fraudulently obtain goods or services such as:

- bank accounts
- credit cards
- hire agreements
- loans and mortgages
- state benefits
- mail order goods
- internet purchases
- mobile phone contracts.

Impersonation of the deceased

This is perhaps the most distressing type of identity related crime because it affects the family and friends of the deceased. This can be particularly distressing when it involves the identity of a deceased child. A long-standing problem has been that death records are not shared with other organisations. This means that financial organisations have been unable to verify if credit applicants are recorded as deceased and direct mail companies are unaware when deceased people need to be removed from their databases. It is estimated that of the 10 billion pieces of mail annually generated by the direct mail industry, approximately 22 million are regularly sent to deceased people. These mailings can be fraudulently used by criminals to apply for credit cards, loans and mortgages. However, the introduction of a clause to the Police and Justice Act 2006 means that this information can be shared with organisations for the purpose of fraud prevention, detection, investigation and prosecution.

There are also practical and preventative steps you can take to help protect the identity of the deceased. These begin with the death announcement and continue throughout the initial period of bereavement. This can be an extremely traumatic time and protecting the identity of the deceased is not always at the forefront of somebody’s mind. However, when a death or funeral is announced try to avoid listing the date of birth, age or address of the deceased. As innocent as these details may appear, they can be used by fraudsters to successfully impersonate the deceased.

It is also important to notify all of the necessary organisations, companies and government departments as soon as possible and that any pension books, allowance books, credit cards or membership cards are either destroyed or returned by recorded delivery. These include:

- the deceased’s doctor
- the deceased’s employer
- the deceased’s solicitor (if applicable)
- HM Revenue & Customs
- local authorities (council tax, local housing department)
- Department for Work & Pensions (DWP)
- UK Passport Agency
- Driver and Vehicle Licensing Agency (DVLA)
- banks and building societies
- credit card companies
- utility companies (gas, electricity, water, telephone)
- Television Licensing
- satellite, cable or digital television companies
- insurance companies
- clubs, associations, season tickets
- Royal Mail (for mail redirection).

If any correspondence continues to be received, then it may be necessary to make a formal complaint to the relevant organisation. It is also a good idea to check with Royal Mail that a mail redirection has not been set up on the deceased person’s home and to arrange to have their mail redirected to your own address for at least a year. This is particularly important if the property is empty or is for sale because fraudsters have been known to view empty properties with the sole intention of stealing mail. To help avoid this, make sure that all viewings are accompanied and regularly check for mail that may be accidentally delivered.

As an extra security measure, details of the deceased can be registered with the following organisations that specialise in the removal of people from mailing lists:

The Bereavement Register
FREEPOST SEA8240, Sevenoaks, TN13 1YR
Tel: 0870 600 7222
Fax: 0870 400 5644
Email: help@the-bereavement-register.com
www.the-bereavement-register.org.uk

Deceased Preference Service (DPS)
Windhill Manor, Leeds Road, Shipley, BD18 1BP
Tel: 0800 068 4433
www.deceasedpreferenceservice.co.uk

Mail Preference Service (MPS)
FREEPOST 29 LON20771, London, W1E 0ZT
Tel: 0845 703 4599
Fax: 020 7323 4226
Email: mps@dma.org.uk
www.mpsonline.org.uk

Registering with these organisations will help to reduce a vast majority of direct mail but it is also important to ensure that existing correspondence and documents are not inadvertently made available to fraudsters. For example, before disposing of a deceased person’s clothes, wallets, handbags or other personal effects, always check that any identity-related items have been removed. Any documents that are no longer required should be shredded before being thrown away because fraudsters can sort through rubbish bags to try to find useable information. For further information regarding destroying and shredding personal information, see page 51, Shredding Your Information.

Corporate identity crime

It is not only individuals who are susceptible to identity theft. Businesses and business owners can also fall victim to corporate identity crime. As with identity crime, see page 2, the Home Office Steering Committee has developed a series of definitions to differentiate between the various types. The term ‘corporate identity crime’ is used to describe the three main types of corporate identity-related crimes. These are corporate identity theft, creating a false corporate identity and committing corporate identity fraud.

Corporate identity theft

This occurs when a genuine business is cloned and its name and credit accounts are used to fraudulently obtain goods, services and money. This is known as corporate identity fraud, see page 8, and is estimated to cost British industry £50 million a year. A company can be cloned by filing fraudulent documents with Companies House to change the registered business address or to appoint directors and thereby create the impression that the fraudster owns the business.

The fraudster can then illegally trade as the genuine company, which means that the genuine company will be liable for all debts incurred by the fraudster. One way to do this is for the fraudster to set up a merchant account in the genuine company’s name, accept multiple stolen credit cards and deposit the proceeds in their own bank account. When customers complain that their credit cards have been fraudulently used, the card companies will then charge the genuine company for their losses. Companies House recognises that this is a problem and has introduced a variety of security measures to help companies protect themselves, see page 9.

Creating a false corporate identity

A false corporate identity is created when fictitious details are used to set up and register a business that does not exist. This can also be achieved by altering the details of a genuine company to create a new business. The overwhelming common dominator in both scenarios is that a false corporate identity is created with the sole purpose of committing fraud. The fraudster can use the details of a fictitious company to order goods with stolen credit cards or credit accounts that appear to be from a genuine company.

Corporate identity fraud

This is committed when the details of either a genuine business (corporate identity theft) or a fictitious business (false corporate identity) are used to fraudulently obtain goods or services. Fraudsters will go to extraordinary lengths to obtain private and sensitive company information. For example, they will often search through rubbish bins or seek menial employment to discover bank details, steal passes, obtain passwords and acquire other corporate information.

Companies House

Fraudsters recognise and exploit the fact that Companies House does not have the authority to inspect the contents of documents sent to them for filing. Therefore, it is possible for company details to be changed without their permission or knowledge, so companies are advised to regularly check that their details have not been altered.

To help address this problem, Companies House has taken a proactive approach by introducing a variety of services that allow companies to securely file and electronically check documents:

- WebFiling service
- Software Filing service
- PROOF (PROtected Online Filing) service
- Monitor alert system.

To access these services, companies first need to register online with Companies House. During the registration process, stringent security checks are carried out to ensure the applicant is authorised to apply for the service. These checks begin with a security code being sent by email with a further Company Authentication code posted to the company’s registered office. Company Authentication codes are unique to each company and are used to verify the identity of a company in the absence of a signature.

WebFiling service

This is a safe and secure way for companies to electronically file their statutory information. Companies can save 50% on the cost of filing an annual return and the following documents can be filed online free of charge:

Return of allotment of shares (excluding non-cash) (88 (2))

Notice of increase in nominal capital (with resolution) (123)

Change of accounting reference date (225)

Change in situation or address of registered office (287)

Appointment of director or secretary (288a)

Terminating appointment as director or secretary (288b)

Change of particulars for director or secretary (288c)

Location of register of members (353)

Notice of place for inspection of register of members which is kept in non-legible form, or of any change of that place (353a)

Location of register of debenture holders (190)

Notice of place for inspection of register of holders of debentures which is kept in a non-legible form, or of any change in that place (190a)

Audit Exempt Abbreviated Accounts Dormant Company Accounts (DCA)

Annual Return (363)

Software Filing service

The Software Filing service is primarily aimed at companies who regularly submit statutory documents, such as limited company accounts or annual returns. With this service, these documents can be electronically sent to Companies House by email. These are then automatically authenticated for compliance with the Companies Act prior to being accepted or rejected.

PROOF (PROtected Online Filing) service

In addition to their WebFiling and Software Filing services, Companies House has introduced the PROOF service to help companies further reduce the possibility of fraud. To access this service, companies will first need to be a registered WebFiling or Software Filing user. The service works by only allowing companies to electronically file specific forms relating to changes of address and directors’ details. Companies House will then reject any paper versions of these forms that claim to come from the company.

The following forms can be submitted under the PROOF service:

Change in situation or address of registered office (287)

Appointment of director or secretary (288a)

Terminating appointment as director or secretary (288b)

Change of particulars for director or secretary (288c)

Annual Return (363)