![Sarah Efron [Journalist]](../images/header.gif)
print stories| HOME |
| AUDIO |
| BLOG POSTS |
| ABOUT THE SITE |
Gone in a Flash: Identity Theft
Canadian Diamonds, Spring 2004
The credit card is approved. The man shows his passport as identification. Just to be safe, the clerk gets the credit card company on the phone and asks them to talk with the customer. The man easily gives the information they want – billing address, secret password – and he walks out of the store with his new watch.
But everything isn’t as it seems. Two months later the jewellery store gets a call from Moneris, an agency that processes credit card transactions for the banks. The man who had made the purchase obtained the card by creating a new identity for himself. The passport and credit card he used was someone else’s. The sale was a fraud, and the store was a victim of identity theft.
This scenario, which took place in 2002, is one that’s becoming all too common. Identity theft – stealing someone’s personal information for financial gain – is skyrocketing in Canada. In 2003, some 16,000 Canadians were victims of identity theft. That’s twice as many as the previous year.
The reason this type of white-collar crime is becoming so popular is the bottom line: as far as non-violent crimes go, identity theft is one of the most profitable. Add to this that when caught culprits tend to receive light sentences, and it quickly becomes obvious why a potential criminal would turn to identity theft as his or her crime of choice.
With a high value, hard-to-trace, easily transportable product, Canadian jewellery retailers should have a particular concern with identity theft. They make a good target for a criminal looking to go on a spending binge. And with the dramatic rise in incidences of identity theft, it’s no longer a question of whether or not a jeweller will be a victim of identity theft. It’s a question of when.
Last year a woman went into a Peoples store in Toronto and applied for a credit card. The sales associate was suspicious and called the police. It turned out that not only was the driver’s license a fake, but the woman had 15 other pieces of falsified identification on her. They all had her picture with a different name – the names of clients from the company where she worked.
It’s one of a host of techniques criminals often use. Scams range from the ultra-sophisticated – for example breaking into a company database to get information – to the simple stealing of someone’s purse. Sometimes the scam begins in a cemetery, where a criminal finds the grave of a child who would have been in their age group. With just the name and date of birth, the criminal applies for a birth certificate.
Once they have that, they apply for a driver’s license, using their own photo. Then they apply for a credit card, and quickly max out the limit. Criminals will also take a credit card in another person’s name, and reroute the bills to a new address. It can be months before the victim realizes anything is wrong. Especially when criminals pay off the card, and then apply for an increase in credit. Eventually the bill isn’t paid, the criminal escapes with the loot and the collection agency comes calling.
There are countless ways unscrupulous individuals can obtain fraudulent credit cards. Some steal customers’ credit card numbers from restaurants or gas stations where they work, or from dishonest employees. With the use of various black market devices, they can electronically change the magnetic strip on another card to match the stolen number. Sometimes the criminals work for companies that have databases of personal information on their customers – credit card numbers, social insurance numbers, driver’s license numbers – and they apply for credit based on their customers’ names.
It has a destructive impact on the victims. “Your credit rating has been destroyed. You have to work with credit agencies to restore your name, and at the very least, it will take a couple of months,” says Barry Elliott, Detective Staff Sergeant of the Ontario Provincial Police and Coordinator of PhoneBusters, an anti-fraud agency.
With the prevalence of identity theft in today’s society, a number of media have explored this growing crime. Daily newspapers, supper-hour news shows, radio call-ins – all have addressed how individuals can protect themselves. But few have looked at the impact identity theft has on industry. For the jewellery industry at least, this could have something to do with companies’ attitudes towards talking about identity theft.
“Our insurance company tells us not to talk about it. And we’d rather not discuss it, for security reasons. But I can tell you that, across the industry, it happens all the time.” This was the response from Sarah Barnes, a financial controller for Michael Hill Jeweller in Vancouver. It’s typical of the reactions I received when I approached various jewellers. Barnes was one of the few who would even let me use her name.
Once a criminal gets enough information to impersonate someone, often his or her first stop is at a jewellery store. By not discussing the issue of identity theft, jewellers are only making themselves an even bigger target. Without educating themselves through dialogue, jewellers are left unaware of how the issue might affect them, and what steps that they can take to avoid becoming a victim of identity theft.
John Lamont is a director of Jewellers Vigilance Canada, a non-profit crime prevention group for the jewellery industry. He is also a loss prevention manager for Zale Corporation (the parent company of Peoples and Mappins jewellery chain stores). Lamont gave a workshop on identity theft at the Jewellery World Expo convention in Toronto in August 2003. The number of jewellers that attended can be counted on one hand. “In our industry, people don’t want to talk about these issues,” Lamont says. “It’s the mentality that ‘it will never happen to me’. It’s not until something does happen, that people start asking questions. Also, jewellers who have experienced identity theft are often hesitant to air their dirty laundry.”
But it’s an issue that jewellery retailers definitely need to pay attention to. After all, if they aren’t careful they could be left holding the bill for a fraudulent sale.
The nightmare of identity theft isn’t only individuals; it’s also a threat to retailers. “Most jewellers don’t understand their relationship with banks in regards to credit cards,” Lamont warns. “They think that all you need is authorization from the bank. But you also need an electronic swipe of the card or a manual imprint. You have to compare signatures with what’s on the card. If you don’t do those things, the bank can charge the sale back to you. You’ll be on the hook for the whole amount.”
Retailers who do telephone sales are particularly at risk. A computer store in North Bay, Ontario learned that lesson the hard way. Three years ago, they shipped out $100,000 of RAM memory to an African address. The credit card was approved, but in the end, the credit card turned out to be fraudulent and the store went bankrupt.
“If you’re going to take order on phone and you don’t know the customer, make sure you don’t ship out the product right away,” advises Elliott. “You should find out from your bank how much time needs to go by before you’re protected—often it’s 45 to 60 days.”
In the case of the Rolex watch at Jubilee Jewellers in Ottawa, the bank covered the loss because the sale was in person and the store had followed the proper procedures. But afterwards, Moneris gave the store an ultimatum: sign a waiver agreeing to pay for future fraudulent charges, or you can’t use credit cards anymore. Jubilee’s president Mo Charania says they had no choice but to sign the agreement, and then they quickly switched to another credit agency.
“It’s very disappointing when you try and do everything correctly and you follow the rules and you’re still held responsible,” says Charania. “The ultimate responsibility should lie with banks to protect their products more carefully.”
Charania decided to be more vigilant against fraud: Jubilee Jewellers doesn’t do any telephone sales, they ask for identification for large purchases and often call the bank to verify information. But still, Charania estimates that last year they lost $15,000 to credit card fraud and an equal amount to fake certified cheques and money orders. The banks absorbed some of the losses, and Jubilee had to pay for the rest.
“We had one case where we notified the bank about a suspicious credit card,” recalls Charania. “The customer made us feel uneasy, but the signatures matched and the credit card went through. We called the bank and they talked to him and verified the information. The bank said we were being paranoid. A month later, we got a notice in the mail saying it was a fraudulent sale.”
Often retailers feel overwhelmed that they’re being asked to detect crimes that even the banks can’t detect. A manager at a high-end jewellery store in Vancouver, who doesn’t feel comfortable revealing her name, took a telephone order last December. The customer mailed in a bank draft and the store sent out the product.
“The bank accepted it,” she says. “It looked perfect to the bank and perfect to the police. It was the best ones the officer had ever seen.”
Normally, a cheque will bounce within a few days. But the bank draft had numbers routing it to an American bank, and a month went by before the store got a call – the bank draft wasn’t real.
Since the incident, the store no longer takes cheques of any kind from unknown customers: instead they ask for direct deposit into their bank account. They also started a crime prevention organization with other high-end retailers in their area.
But the manager is much more wary than she was before. “I used to believe that a bank draft from a major Canadian bank was safe,” she says. “So when are you safe? We’re doing as much as we can to protect ourselves. We have a policy and we stick to it and now we have very few problems. But let’s face it, there are no guarantees.”