Bank of America, JP Morgan, AT&T, Capitol One, and Sprint are among the top companies in the U.S. relating to the number of ID Theft cases reported. It should come as no surprise that two of the companies listed, JP Morgan and Bank of America, are two familiar names when it comes to Phishing fraud.
A Freedom of Information Act (FOIA) request by Chris Hoofnagle, at the Berkeley Center for Law and Technology, led to the report showing a serious need for companies to communicate better on ID Theft reports and how to resolve them. “This lack of information prevents more vigorous competition among institutions to protect accountholders from identity theft,” the report says.
The report is what Hoofnagle calls a first attempt to compare institutions on their performance in avoiding ID Theft. The numbers in the report are based on the information returned by the Federal Trade Commission (FTC) in compliance to the FOIA request.
The request sent May 16, 2007, resulted in negotiation with the FTC on the scope and amount of records requested. Originally, the request wanted two years of data, but the FTC's disclosure office was not thrilled to have to review and release hundreds of thousands of complaints. (The FTC received 674,354 complaints in 2006; 246,035 were identity theft related.)
The FTC collects information from ID Theft victims by phone and through an online form. "In doing so, the FTC requests that victims: ‘Please identify companies or organizations where fraudulent accounts were established or your current accounts were affected…’ In the form used to process this data, victims are asked to identify up to three companies where [the] accounts were established or affected," says the report. While the FTC publishes the hard numbers on these reports, they do not list the name of the companies reported.
In the end, the request was limited to three randomly chosen months in 2006, January, March, and September. These months included data from eighty-eight thousand five-hundred sixty complaints, with forty-six thousand two-hundred sixty-two names of institutions identified by victims.
After compiling all the data he received, Hoofnagle put it all together. The final tally shows a direct tie with Phishing schemes. For example, Bank of America, with 1,117 reports in the three month sample, leads AT&T, Sprint, and JP Morgan in the total of fraud complaints. Bank of America, along with Wachovia, Wells Fargo, and National City are constantly used in Phishing crimes. Only National City didn’t make Hoofnagle’s report.
Ending his report Hoofnagle said that in order for the market to, “…effectively address the ongoing identity theft epidemic, consumers need reliable information about incidence of the crime among institutions. If data were available on this crime, consumers could choose safer institutions, regulators could focus attention on problem actors, and businesses themselves could compete to protect consumers from this crime.”
Interested in a more interactive TTH? Join our Facebook Group Want regular updates from The Tech Herald? Follow us on Twitter
Comment on this Story