Torn-up Credit Card Apps Not So Safe 470
Maximum Prophet writes "This dude tears up a credit card application, tapes it back together, sends it in with his cell phone number and father's address, and voila, gets a credit card.
Who would have thought security at a credit card company was so lax? The company recommends that consumers "tear up" financial solicitations before throwing them away, "so thieves can't use them to assume your identity.", but according to them, "Applications that arrive in damaged form are customarily transferred to an electronic format, he said -- often by machine. So it's possible a human being never handled the taped-up application and never had the chance to spot the obvious sign of trouble." In this era where we worry so much about identity theft, this sort of thing really makes you wonder what the point really is.
shred shred shred (Score:4, Informative)
-l
Re:shred shred shred (Score:3, Informative)
The reason these are considered "safe" is that most all credit card applications require a social security number. So, that means the identity thief has to steal a piece of mail from your health insurance company, which is a pretty reliable way of
Re:shred shred shred (Score:5, Informative)
I do kind of miss shredding the fake AmEx cards that came with their offers, though.
Re:shred shred shred (Score:5, Informative)
Re:shred shred shred (Score:3, Funny)
Re:shred shred shred (Score:3, Funny)
1) Carefully steam the postage-paid envelope open at the seams.
2) Find a suitable-sized brick or brick fragment.
3) Wrap the envelope around the brick, in such a way that the postage-paid note and the address are on the same face.
4) Glue the envelope back together.
5) Mail it.
6) ???
7) Less profit!
Re:shred shred shred (Score:4, Insightful)
I met a guy with an even better idea. He has a home equity line of credit (HELOC). When a stupid credit card offer comes offering 0% interest, he pulls a couple grand out of the HELOC. Then he applies for the card and does a balance transfer from the new CC account to the HELOC. (Credit cards are too smart to just send you wads of cash when you apply, but they will give you the money if it's to pay another creditor- that's why he uses the HELOC, as an account to shift balances around.) If he gets the card and the transfer goes through, he puts the money in a CD earning 4.5% that matures when the card's introductory period expires.
Pre-approved applications (Score:5, Informative)
Amen. The reason I opted out of receiving those was exactly the one you mentioned, that they're a security problem.
The number to stop them at least used to be 888-5OPTOUT.
Re:Pre-approved applications (Score:3, Funny)
Just saying.. don't take anyone's word for a phone number, especially on an internet forum. Look it up yourself, using www.google.com.a8tisdu4.net or www.yahoo.com@afd9s8yh9ye498hf9s8h4f98j209j4f0jh8
Re:shred shred shred (Score:5, Funny)
Re:shred shred shred (Score:5, Funny)
Re:shred shred shred (Score:4, Informative)
Actually, if you sign up for insurance, for most applications you can write the words "please assign" in the space for the SSN, and the company will assign a number for your policy. I should note that some brokers will get smart with you, and try to "guilt you" into providing your real social "in the event you are incapacitated" and "so your loved ones can help". Don't let them guilt you (if I am incapacitated or dead - I don't care anymore, now do I?). Also, don't put in a "fake SSN", as these get caught fairly easily (and you'll get a phone call or letter) - or if they aren't, then it might be YOU who are guilty of "identity theft", if it is found out it matches someone else's real number in the system...
Re:shred shred shred (Score:4, Informative)
Re:shred shred shred (Score:3, Interesting)
wimp (Score:4, Funny)
its the only way to be completely sure.
Re:wimp (Score:3, Funny)
-l
p.s., ... "a controversial new study argues". ;)
Re:wimp (Score:4, Funny)
Re:wimp (Score:3, Funny)
-l
Re:shred shred shred (Score:5, Interesting)
You'd think so, wouldn't you. However, you might want to read this story [edwardjayepstein.com] about the Iranian students in 1979.
First three sentences of the fourth paragraph:
This particular story didn't say so but I read elsewhere that the students laid out the shredded documents on the floor of gymnasiums and pieced the documents back together.
gymnasium and scotch tape no longer required (Score:4, Interesting)
The technology now exists to scan fragments of documents en-mass and piece them together semi-automatically in electronic format. Some human interaction is still required, but it is much faster and easier than the Iranian effort. This is being done to restore ancient manuscripts but I'm sure it's being done in the covert and criminal fields as well with shreded documents.
Re:gymnasium and scotch tape no longer required (Score:3, Interesting)
Re:gymnasium and scotch tape no longer required (Score:3, Informative)
The big industrial strength shredders I've seen for classified material reduce it to literally dust. Nothing is going to reconstruct anything from that.
Classified paper shredders have specific requirements for their output. Suffice to say that nothing short of divine intervention will reconstruct a document shredded by modern standards.
Re:gymnasium and scotch tape no longer required (Score:3, Insightful)
Some years ago, when I was in college, I lived in a 4-apartment building that had a coal furnace, but it would also burn paper. We put all our waste paper, including lots of computer output, into the furnace. It saved a significant amount in fuel costs. But the paper didn't burn as long as coal. A full lo
whose fault (Score:3, Insightful)
Re:whose fault (Score:4, Informative)
Re:whose fault (Score:4, Insightful)
As long as they're vastly more powerful than us, it is usually to their advantage to create problems for you that you may (or may not) pay to make go away. I finally paid a lawyer over $5,000 to correct MBNA's refusal to stop reporting credit fraud as mine. Once the 100 page brief was filed with the court and MBNA saw that there would be financial consequences, they finally backed off.
There's a huge difference between what's illegal and what's prosecuted.
Re:whose fault (Score:3, Interesting)
The reason they get away with this is not because they are big and powerful and use lawyers to crush you, they do not want or need that kind of expense, not to mention bad publicity. The reason they get away with it is because people like you preach hopelessness and people don't figh
For the extra paranoid (Score:3, Interesting)
Thanks for reminding me (Score:2)
Possible? Yeah, but highly improbable (Score:5, Insightful)
"Applications that arrive in damaged form are customarily transferred to an electronic format, he said -- often by machine. So it's possible a human being never handled the taped-up application and never had the chance to spot the obvious sign of trouble."
What, a machine opened the letter, recognized it was an application (and not, say, other junkmail that got stuffed into the nearest bulk reply envelope), fed it into a scanner, then trashed the hard copy? At no point in the process does a human see it? Sounds like bullshit.
Re:Possible? Yeah, but highly improbable (Score:5, Informative)
1) Save the return envelope.
2) Fold up a blank piece of paper with a nice wad of chewing gum/peanut butter/diaper contents/etc
3) Mail your "application"
4) ???
5) Profit
Re:Possible? Yeah, but highly improbable (Score:5, Informative)
My wife did a few months on graveyard shift at a First Security payment processing center (before Wells Fargo assimilated them). She said those machines are *really* cool, really fast, and jam up so easily that they have dedicated staff on-hand to fix particularly nasty jams.
So if you want to put a (albeit small) dent in the productivity of the Evil Credit Card Sharks, send back those handy self addressed envelopes stuffed with their own junk mail. Be sure to fold, spindle, and mutilate the envelope, too. :)
Re:Possible? Yeah, but highly improbable (Score:5, Funny)
So if you want to put a (albeit small) dent in the productivity of the Evil Credit Card Sharks, send back those handy self addressed envelopes stuffed with their own junk mail. Be sure to fold, spindle, and mutilate the envelope, too. :)
Nah, just send back the application (blank) with a thin layer of jelly.
OMG! (Score:4, Funny)
OMG! That's not jelly! EEEEEEWWWWWW!
Re:Possible? Yeah, but highly improbable (Score:3, Informative)
Re:Possible? Yeah, but highly improbable (Score:5, Funny)
I made my own checkbox next to the "YES! Sign me up." that said "No thanks," and checked it. Naturally, I put it in the business reply envelope, along with a dollar or two in pennies (to be used toward the processing fee of course), and sent it on its way.
They never sent me another application.
Re:Possible? Yeah, but highly improbable (Score:5, Informative)
I'd guess yes, at no point in the process does a human see it.
Here's one vendor -- OPEX [opex.com]. This one does opening and extraction [opex.com] but isn't particularly fast at 17,000/hr. They have a scanning solution as well -- significantly slower but the mail goes straight from envelope to scan.
This is just what I've found in a quick search because I knew something like it existed; I'm not that familiar with the high-speed mail processing industry. I'd imagine that the technology would surprise most people.
Re:Possible? Yeah, but highly improbable (Score:3, Interesting)
Re:Possible? Yeah, but highly improbable (Score:2)
Re:Possible? Yeah, but highly improbable (Score:5, Informative)
Not only is it possible, but probable. While I would expect a lot of errors, or "bad" data from the scan, I promise you it was scanned...
Re:Possible? Yeah, but highly improbable (Score:2)
In most cases, there is s P.O. Box or mailstop, and that alone decides where it goes, and how it gets handled...
My story (Score:2)
About 10 years ago someone went dumpster diving and got one of my credit card apps. They had a merry old time at Service Merchandise, in my name, until they got shut down. It was a mighty pain for me. And some skank VISA company was out $1000. Wonder why your card rates are so high? Now I shred everything, and throw away the shreds away weekly with dog excrement picked up from around the yard. I am no longer concerned about mail-based credit card fraud.
Re:My story (Score:2)
My heart bleeds. No, really. That might represent five seconds' worth of profit.
No, not at all. They're that high because the credit card issuers have made sure to hype any fraud they can find, to make you think that they're losing all this money on fraud and need to jack up your rates to cover it.
Your rates aren't high because of fraud. Your rates are high because of greed.
Re:My story (Score:2)
Untouched by human hands (Score:2)
Let me make sure I understand this. The form was recieved, removed from an envelope, scanned and filed or destroyed all without having ever been handled by a person? Am I the only one who finds this a bit far fetched?
Re: (Score:2)
Solution! (Score:5, Insightful)
Re:Solution! (Score:2, Informative)
Re:Solution! (Score:5, Interesting)
Last summer I had a notice in my mailbox from the Postmaster that stated there were reports of mail theft in our neighborhood and that we should be watching closely for ID theft.
My wife is concerned with throwing mail away and the thieves getting it there. Why would they bother to go through my trash and get dirty when they can get it fresh from my mailbox w/no one the wiser.
Re:Solution! (Score:3, Funny)
Shred things to microns: bleach, bucket, water (Score:3, Interesting)
So I came up with my $0.50 shredding system: 1 bucket, 2 cups of bleach, water.
Takes a total of 5-10 minutes, and there's no recoverable information: much, much better than my ol
The basis: Where Credit Comes From (Score:5, Informative)
Banks want you to have credit -- of course they'll accept any application as long as the name and social security number match their lookups, and your FICO score is reasonably high (although banks are now lowering standards to give out even more credit).
When a bank offers credit, it does so based on money it has (of course). Yet it is very important for the average person to understand where this "money" comes from -- especially digital money such as you'd have when you have an available credit line.
All banks that are part of the central banking system (the Federal Reserve) are required by the Federal Reserve to stick something called a money multiplier. I believe the current money multiplier is 12% or so, but it varies. This basically means that a bank must keep a reserve of that amount versus the actual money is sends out. If a bank loans out $1000, it has to keep $120 in the bank. Even if it loans out the $880 ($120 in reserves) the bank can stil say it has $1000 in demand deposits available -- even though it doesn't.
The collusion comes into place when the first bank is given $1000 by the Federal Reserve. The Federal Reserve is allowed to print new money out of thin air by creating loans against government property and future government income. This initial $1000 is placed in Bank A as available cash. Bank A holds $120 but loans the remaining $880 to Bank B which is also part of the Federal Reserve banking system. Bank A still holds a demand deposit value of $1000 which is available to be withdrawn! Bank B also has $880, but has to reserve 12% of it ($105). It then loans the rest ($775) to Bank C, but still lists $880 as its available balance of demand deposits. Bank C reserves its 12% ($93) and loans the rest ($682) to Bank D, while still listing the original $775) as its available balance. This collusion continues to go around until there is no more reserve balance available. In the end, the original $1000 the Federal Reserve created is held as a base reserve for the $9000 or so "new money" that is created.
Banks need people to accept this money in loans or in credit -- this is the way the bank actually makes money. Eventually all the loans are hopefully paid back into the system, so the bank makes a nice interest rate. On the new $1000 created, each bank wants to loan out as much as possible -- and these loans are used to buy goods, which recycles money back into the banks which can be kept as reserves to create even more money! If the bank takes $1000 and loans out $880 but receives $400 of that bank in, it can now loan out a portion of that $400 that it has in reserves.
In the long run, the system wants debt out there because it is created out of fake inter-bank loans anyway. Most of you don't even see your physical money because it doesn't exist -- there are about $600 billion dollars in circulation worldwide, but there are over $10.2 trillion dollars on the books!
And people have faith in the system.
A Simple Way To Prevent This! (Score:5, Funny)
There's a foolproof way to keep this kind of identity theft from happening to you: just make sure your FICO score is really, really low!
That way, nobody will be able to get credit in your name. And, as a bonus, it's really easy to do!
Re:The basis: Where Credit Comes From (Score:2)
I'm glad my parents just had the "boogie man."
Re:The basis: Where Credit Comes From (Score:2)
All banks that are part of the central banking system (the Federal Reserve) are required by the Federal Reserve to stick something called a money multiplier. I believe the current money multiplier is 12% or so, but it varies.
Actually the multiplier is the reciprocal of the minimum reserve. So in the case where the reserve is 12%, the multiplier is 1/.12 = 8.333. Which means that if all banks keep that reserve, 1 million real dollars will multiply into $8,333,333. Cool huh? (Not.)
I remembered the p
Re:The basis: Where Credit Comes From (Score:2, Interesting)
But He Sent it In (Score:3, Funny)
If a real criminal would have attempted to tape it togather and send it in, the company would definitely not accept it...
And for the humor impaired ;-)
Pimply faced kids (Score:4, Insightful)
Most of the fruad that I've suffered has been at the hands of large corporations that reckon that my lawyer won't be willing to take on their lawyer.
Re:Pimply faced kids (Score:3, Informative)
Does the number really need to be ON the card? It's on the magnetic strip, which the machine reads. It never needs to be displayed. Sure, it's security through obscurity, but it is better than the current system.
A lot of cc and identity theft has been committed by running people's cards through readers that simply record the info from the card and store it to be retrieved later by the thieves. Often happened at grocery stores, convenience stores, restaurants, etc.
Isn't there a human somewhere? (Score:3, Interesting)
And yet they say... (Score:2)
Re:And yet they say... (Score:2)
1-888-5-OPTOUT Follow the prompts (when I did it it was option 2, then 2 again). You have to provide some personally identifying info (specifically SSN).
This will get you marked by the main credit bureaus as "Do not mail", so they will not include your name in the marketing lists they sell to credit providers. I worked in the credit card business for a couple of years, 90% or more of these offers come straight off these marketing l
Stupid credit card companies (Score:2, Insightful)
Make the banks liable... (Score:5, Informative)
What problem cannot be solved with fire? (Score:2)
What problem cannot be solved with fire?
Stop them at the source (Score:5, Informative)
Re:Stop them at the source (Score:3, Insightful)
Re:Stop them at the source (Score:5, Informative)
Still need SSN! (Score:2)
Go into debt, declare bankruptcy, get new CCard! (Score:2)
They were the perfect target for these unscrupulous companies, and no one was ever turned down for these cards.
After hearing this story, something like this does not surprise me.
If Money is the root of all evil, Credit Cards are the fertilizer.
Interest Rates (Score:2)
Re:Interest Rates (Score:2)
though as interesting bit. i signed up for a store's 0% financing over 4 years. what they don't tell you is the interest after that 3 years, if it's not fully paid up is 28.5% !
this is what suing is for (Score:3, Insightful)
Re: (Score:2)
I throw the torn up apps in with... (Score:2)
Happy taping!
What? Me, worry? (Score:3, Interesting)
The point is, that there isn't any point.
It's exactly that kind of thing, and the real lack of concern that I've witnessed from gov't agencies and financial institutions all along, concerning everything from someone's actual name and SSN being used as an alias by a known felon (and the SSA refusing to issue a new SSN for the "victim") to loan officers that say that there's so much junk data on credit reports that they often ignore a lot of it, that caused me not to worry if my "identity" is "stolen."
Opt out (Score:2, Informative)
Nothing New (Score:2)
I accidentally deposited a co-workers check into my bank account. I picked hers up by mistake as her mailbox in the office is right above me. I signed the back and took it to the bank and deposited it. Later that day, I looked in my mailbox and there was my check. I asked the secretary if anyone was missing his check. Sure enough, I had deposited the wrong one. I didn't catch it, and the Bank
Weakest link in the chain (Score:2)
This is just the tip of the iceberg! (Score:2, Informative)
1) Credit card companies send out blank checks with your account info on them, in feeble attempts to get you to spend up with a lower interest rate where they will charge you jacked up rates when you don't pay in full.(and anyone swiping your mail can use your CC
as good as cash)
2) Credit card companies are sending out more and more "authoritative looking" mail offers that makes it look like a check is being made out to you, but it swindles you into some sort of agreement that will cost you more.
Even if you
OptOut - Get off their prescreen lists. (Score:2, Informative)
Existing cards aren't safe either (Score:4, Interesting)
Clearly they didn't make even the slightest attempt to validate the charge. I've closed that account and put fraud watches on our credit and so forth, of course, and no other suspicious charges have shown up. Still, it makes me nervous.
Meanwhile, my father-in-law discovered his bank account was several hundred dollars short. Turns out he was auto-paying someone else's gas bill. My wife had a heck of a time straightening that out. The bank insisted it was the utility's responsibility and vice versa. "He signed up for automatic payment!"
"My father doesn't own a computer. Why would you authorize withdrawls for someone else's utility bill in the first place? Especially when their account number is identical except for two transposed digits..."
A mistake in that case, but it would be so easy to do that deliberately...
Something else the credit card companies do... (Score:4, Informative)
Ask them to stop sending them to you and they swear up and down it will happen, but it never does. It's just too lucritive for them to stop sending them to you.
Don't throw it all out at once... (Score:3, Insightful)
Then let's see them put it back together...
Shred AND mail (Score:3, Funny)
Something to do while watching movies.
Re:Uhoh. (Score:5, Insightful)
Re:Meanwhile... (Score:2, Funny)
Re:Solution (Score:2)
Or just burn all your mail. That would be cheaper.
True, but why is it *my* problem to solve? (Score:5, Insightful)
Why should I spend my money to solve a problem that some credit card company creates? Especially when I'm not even their freaking customer?
Re:True, but why is it *my* problem to solve? (Score:2, Insightful)
I live in a city...what's to stop someone from just plucking the unopened offer from my house-attached mailbox? Total Bullshit, these mailings.
Re:True, but why is it *my* problem to solve? (Score:2)
Not saying it's right, but IMHO if you can do something to prevent a problem and you don't, you're just as responsible as anyone else involved.
Re:And the point is...... (Score:2)
Re:And the point is...... (Score:2)
Re:And the point is...... (Score:2)
I wrote a check for my rent, and an electronic image of it was deposited into my bank by Wells Fargo. Three days later, Wells Fargo presented the REAL check to my bank for payment, except they presented it as a different dollar amount. My bank accepted BOTH checks, even though they both had the same check number, and I had to call them to i
Re:Its called a cross cut shredder (Score:4, Interesting)
Churchstreet Technologies [eweek.com] will scan the debris in a shredder's output bin and their software will reconstruct it in RAM. They claim to be able to piece together even crosscut documents as long as you haven't mixed several bags together. Seems to be that columns of number would be an intractable problem, I don't know whether they can manage those.
Re:Shredder anyone? (Score:2)
Re:New market opportunity! (Score:2)
I mean, who's opening the envelopes and unfolding the letters before this automation occurs? AFAIK there's no machine to do this...
Re:But He Filled It Out (Score:2)
Re:But He Filled It Out (Score:5, Insightful)
I know I'm going to be more careful to shred them all, but if you still think it's useless, that's fine by me. Send all of your ripped up CC applications to me, and I'll dispose of them.
Re:But He Filled It Out (Score:3, Insightful)
That's why he applied in his father's name - he put in a fradulent application and it was accepted.
Nope, it's not quite that insane. He used his fathers address, but he used his own name (and presumably correct SS#). If you look close you can even see his name (Rob Cockerham) on the application. Learn to read more carefully next time, lest you miss-inform a huge number of people.