Brent Sweitzer was stuck in London, robbed of his money, phone and passport, his friends were informed in e-mails. The Atlanta man urgently needed their financial assistance, they were told.
Except Sweitzer, 35, didn't send those e-mails. He was home in Cabbagetown.
His friends had become targets of sophisticated hackers, who rerouted Sweitzer's Yahoo account so any responses were forwarded to them. In this elaborate hoax, Sweitzer's father called the London hotel where his son supposedly was staying, and a man confirmed Sweitzer was registered but "had stepped away." Sweitzer had all of his e-mails and contact addresses disappear from his account moments after sending out warning messages.
No one sent money to these on-line thieves, but Sweitzer learned a tough lesson: It's easy to become a victim of cyber crime.
Identity theft is nothing new.The Federal Trade Commission's Consumer Sentinel Network received 1.3 million fraud complaints in 2009 alone, with 21 percent reporting identity theft. Sixty-two percent of people said the internet, largely through e-mail, was the source of initial contact.
Georgia ranked seventh in identity theft complaints nationwide, with 9,556 people reporting some form of theft. Identity fraud totaled $54 billion in 2009, according to Javelin Strategy and Research, which is focused on the global financial services industry.
Identity-theft experts are watching the evolution of a new intrusion as more people bare all on social networking sites and download risky mobile phone applications.
"We’re starting to see the convergence of social networking giving thieves the tools to break into other accounts," said John Sileo, identity theft expert and author of "Privacy Means Profit."
By sharing seemingly mundane personal details and preferences, people might be giving the bad guys clues about their security codes.
For example, by revealing your dog's name, hometown and date of birth on your Facebook page, a persistent hacker could reasonably guess potential passwords and use computer programs to run millions of iterations of possibilities, Sileo said. If your dog is named Fido, maybe your password is F1D0, fydough or phydo.
Breaking one password can have a domino effect on personal and financial security. Most people use one or two passwords for multiple accounts, Sileo said.
Cyber scamming is nothing new, but the manner in which thieves use the information is constantly changing. Social media is a gateway to the latest scams, experts say.
Tracking the numbers involving social media-related crimes is nearly impossible, said Michael Rand, chief of victimization statistics at the Bureau of Justice Statistics, an agency that publishes the National Crime Victimization Survey.
"I think the social media stuff is so new that I don’t know anybody who is collecting it," Rand said.
Even high-ranking corporate heads and officials aren't immune. Last spring, an ambitious hacker compromised a personal e-mail account that belonged to Babe Atkins-Byrne, a long-time GOP activist and wife of former GOP candidate for governor Bill Byrne. Atkins-Byrne had some 4,800 contacts in her account, all of whom received a request for funds to be wired to her in Scotland.
"It was a nightmare," Atkins-Byrne said. "Some people actually believed it. Why they would think my husband or my family would leave me in Scotland, I don’t know, but some people thought about sending money."
Atkins-Byrne isn't sure how the hackers obtained her Yahoo e-mail address, but she fears it had to do with her recent Facebook activity. Facebook did not respond to an interview request.
"I had that same address all those years without a problem, and then I got on Facebook and it wasn’t too long after that that it happened," she said. "I quit Facebook. It's not worth it."
These types of e-mail scams have an average 6-percent return, Sileo said. That's all hackers and ID thieves need.
"A friend’s grandmother sent $3,000," Sileo said. "[She] had no idea these types of thing happen; she barely can hit reply."
Using social media to help decode a person's life is cheaper and faster than traditional forms of ID theft because it allows access to a greater number of people in less time.
"The more people, the more access, the more criminals," FBI Special Agent Charles Pavelites said. "That’s the law of averages."
Security experts are now eying mobile phones as the next identity theft frontier. Not all mobile phone applications are safe and secure, leaving people open to harmful software.
John Hering, a mobile phone security provider, noted the recent popularity and vulnerability of a legitimate gaming application. What users didn't know is hackers had rewrapped the application with Trojan malware, he said. Days after downloading the game, the malware "woke up" and placed calls to 900 numbers in Somalia, racking up charges on the user's bill. A vigilant user might catch this scam and notice the few extra dollars in charges on his bill; the hackers are banking on those who don't.
"Maybe they only charge $5 or $10," Hering said. "But [they do it] to millions of people."
Identity protection tips
- Exercise judgment when sharing personal details on Facebook, such as your whereabouts, date of birth and family members' names. Examine privacy settings to ensure only approved friends can access your wall posts.
- Only download mobile phone applications from trusted sources. Check the reviews from other users and application rankings to determine popularity and safety.
- Rotate passwords every few months, and do not use the same few passwords for multiple accounts. Keep the passwords in a safe place in your home -- not on your laptop or phone.
- Consider identity theft products that monitor your credit file and send alerts when your account has been active.
- Check mail daily and shred any personal documents before trashing.
- Check your free credit report every 12 months from each of the three national credit reporting companies at www.annualcreditreport.com.