2011.05.04 ID theft comes visiting, in more ways than one

Written by David Green.

By RICH FOLEY

Now I finally know what some of those identity theft ads on television are talking about. You probably remember a month or so ago when another one of those companies that manages e-mail communications for corporations announced that “unauthorized third parties” had gained access to customer names and e-mail addresses. As usual, I ignored the news at first. But, as it turned out, not for long. 

When I tried to sign into a Hotmail account I use occasionally, I was denied access. The folks at Hotmail explained that large amounts of e-mails emanating from my account were being returned as undeliverable, along with there being complaints about spam coming from my address. Since they suspected that those nasty unauthorized third parties were up to their old tricks, I had to cyberjump through a series of figurative hoops to regain account access. Then it started to get interesting.

Obviously, I knew the answers to all my personal information and identifying questions, but that wasn’t enough to wrest control of the account back from internet purgatory. Hotmail also wanted me to tell them the names of some of the folders and drafts I had created, along with the titles of a few recently received e-mails. That’s where the trouble began.

As I said, I use the account infrequently as I have two other e-mail accounts for the bulk of my needs. This account is reserved for those people and companies I prefer not to have my “real” address. I don’t think I’ve ever started a folder or wrote a draft from this account and any e-mails I receive are usually deleted immediately. As a result, I couldn’t provide enough information to regain access to the account. Score one for the bad guys.

A few days later, I was denied access to my Facebook account as well. This time, I got more specific information about the perpetrator sending out spam from my account. Facebook wanted to know if I had logged into my account at 3:10 a.m. the previous day from a computer in Kirkland, Wash. They even provided me with a handy little Mapquest map highlighting the town’s location.

When I confirmed that this was an unauthorized user, Facebook asked a series of identifying questions. After I was able to satisfy them that I was the real account holder, they requested I create a new, trickier, password on the spot, then turned use of my account back over to me.

Next came the toughest part. I decided it was time to create separate passwords for most of my online accounts. Instead of using a total of four passwords for my various online activities, I now have a cheat sheet of about a dozen different longer, harder to guess (or remember) ones. At least the next cyberthief will probably get access to only one account’s password, if they’re even that lucky.

Then came the phone calls. I started receiving messages asking for me, wanting me to get a message to a person I’ll call “Amy Hamilton.”  The caller said he needed to get a statement from her and she had listed me as her contact person. Since I’d never heard of her and my caller ID listed the call as coming from Washington, DC, I ignored it.

He missed me again the next day, but when he called a third time while I was home, my curiosity got the better of me and I took the call. He explained the same information as before, and I told him I didn’t return the previous calls because I had never heard of “Amy.” He apologized for bothering me and said he’d take my name off their contact list. So far, no more calls from our nation’s capitol.

When I told co-worker Kim Ekins the story, she informed me that she knew someone with “Amy’s” real name who used to live in Fayette, but now lived in Morenci. In fact, she had just seen her a few days before. A friend in Fayette confirmed that she used to live there, but no longer did. 

It seems odd that she’s known in Washington, by folks in Morenci and Fayette, but not by me, the person she identified as her point of contact, complete with my phone number. But maybe that will change.

Kim promised the next time she sees her, she’ll ask her why she claimed I knew her. And if “Amy” wants to call me, I’ll tell her who’s looking for her. Besides, I want to know if she’s been in Kirkland, Wash., lately. If she isn’t also my identity thief, at least she might have some ideas for better passwords.

Weekly newspaper serving SE Michigan and NW Ohio - State Line Observer ©2006-2014