FTC: Identity theft retains its throne as No.1 worst scourge in Top 10 consumer complaint list

Identity theft has been the top consumer complaint to the Federal Trade Commission now for 13 years running.

The FTC's annual look at its Consumer Sentinel Network database of complaints found that 2012 was the first year the agency got more than 2 million complaints overall, and 369,132, or 18%, were related to identity theft. Of those, more than 43% related to tax- or wage-related fraud, the agency stated.

[MORE: IRS warns of Dirty Dozen 2012 tax scams]

[RELATED: IRS: Top 10 things every taxpayer should know about identity theft

A closer look at the identity theft trend finds:

" Government documents/benefits fraud (46%) was the most common form of reported identity theft, followed by credit card fraud (13%), phone or utilities fraud (10%), and bank fraud (6%). Other significant categories of identity theft reported by victims were employment-related fraud (5%) and loan fraud (2%).

" Complaints about government documents/benefits fraud increased 27 percentage points since calendar year 2010; tax or wage-related fraud accounted for the growth in this area, with 43.4% of identity theft victims reporting this problem in 2012. Employment-related fraud complaints, in contrast, have declined 6 percentage points since calendar year 2010.

" Forty-two percent of identity theft complainants reported whether they contacted law enforcement. Of those victims, 68% notified a police department. Fifty-four percent of these indicated a report was taken.

" Florida is the state with the highest per capita rate of reported identity theft complaints, followed by Georgia and California.

Rounding out the Top 10 most complained about activities are:

  • Debt collection 199,721 10%
  • Banks and Lenders 132,340 6%
  • Shop-at-Home and Catalog Sales 115,184 6%
  • Prizes, Sweepstakes and Lotteries 98,479 5%
  • Impostor Scams 82,896 4%
  • Internet Services 81,438 4%
  • Auto-Related Complaints 78,062 4%
  • Telephone and Mobile Services 76,783 4%
  • Credit Cards 51,550 3%

The Internal Revenue Service recently said it had taken a big shot at the identity theft problem completing what it called a massive national sweep targeting 389 suspects in 32 states and Puerto Rico. The IRS Criminal Investigation unit cited the total number of identity theft investigations to more than 1,460 since the start of the federal 2012 fiscal year on Oct. 1, 2011.

In addition to the criminal actions, IRS auditors and criminal investigators conducted a special compliance effort starting on Jan. 28 to visit 197 money service businesses to help make sure these businesses are not assisting identity theft or refund fraud when they cash checks. The compliance visits occurred in 17 cities the IRS labels "high-risk" such as New York, Philadelphia, Atlanta, Tampa, Miami, Chicago, Houston, Phoenix, Los Angeles, San Diego, El Paso, Tucson, Birmingham, Detroit, San Francisco, Oakland and San Jose.

The identity theft push over the last several weeks reflects a wider effort underway at the IRS. Among the highlights:

" The number of IRS criminal investigations into identity theft issues more than tripled in fiscal year 2012. The IRS started 276 investigations in fiscal year 2011, a number that jumped to 898 in fiscal year 2012. So far in fiscal year 2013, there have been more than 560 criminal identity theft investigations opened.

" Total enforcement actions continue to rapidly increase against identity thieves. This category covers actions ranging from indictments and arrests to search warrants. In fiscal year 2012, enforcement actions totaled 2,400 against 1,310 suspects. After just four months in fiscal 2013, enforcement actions totaled 1,703 against 907 suspects.

" Sentencing of convicted identity thieves continue to increase. There were 80 sentencing in fiscal year 2011, which increased to 223 in fiscal year 2012.

" Jail time is increasing for identity thieves. The average sentence in fiscal year 2012 was four years or 48 months - a four-month increase from the average in fiscal year 2011. So far this fiscal year, sentences have ranged from four to 300 months.

" By late 2012, the IRS assigned more than 3,000 IRS employees - over double from 2011 - to work on identity theft-related issues and the IRS has trained 35,000 employees who work with taxpayers to recognize identity theft indicators and help people victimized by identity theft.

While the moves are significant, many think the agency is paddling against a tsunami with a canoe.

In Sept. 30, 2012, the IRS had identified almost 642,000 incidents of identity theft that impacted tax administration in 2012 alone, an almost three-fold increase over 2011 and a rate almost six times (47,730 incidents) that of 2008 when the fraud was initially tracked, according to a Government Accountability Office report.

IRS officials told the GAO that one of the challenges they face in combating identity fraud is its changing nature of the crime and how it is concealed. For example, IRS officials described several areas where the extent and nature of identity theft is unknown.

According to the GAO there are other issues:

" The IRS does not know the full extent of the occurrence of identity theft. Officials said that they count the refund fraud cases that IRS identifies but that they do not estimate the number of identity theft cases that go undetected.

" Identity of the thieves. Unless IRS pursues a criminal investigation, IRS generally does not know the real identity of the thieves.

" Whether a fraudulent return is an individual attempt or part of a broader scheme. Identifying new schemes or significant cases, such as one thief using numerous taxpayer identities, depends on analysts noticing patterns or other indications that a few cases may be part of a larger scheme. As a result, some schemes or cases involving multiple taxpayers may go undetected.

" Characteristics of known identity theft returns. IRS officials told us that the agency does not systematically track characteristics of known identity theft returns, including the type of return preparation (paid preparer or software), whether the return is filed electronically or on paper, or how the individual claimed a refund (check, direct deposit, or debit card).

" IRS captures data on the amount of money it recovers from all types of fraudulent returns, but it does not distinguish whether the type of fraud was identity theft or some other type of fraud. In some cases, external entities, such as banks or other agencies, may notify IRS of potential refund fraud, including suspected identity theft-based refund fraud. IRS reported it had received information from 116 banks and external leads on more than 193,000 accounts between Jan. 1 and Sept. 30, 2012, for all types of refund fraud. IRS reported that banks and other external entities returned almost $754 million during this period.

Another challenge is prosecuting confirmed identity thieves. While the number of cases has obviously grown, the prosecution of these thieves has not even scratched the surface. For example according to the GAO, only 898 cases in 2012 have had formal criminal investigations been instigated. The IRS typically only goes after "the most egregious and significant identity theft cases, as measured by volume and refund amounts," the GAO stated.

An audit of the IRS in 2012 found that the agency stands to lose as much as $21 billion in revenue over the next five years due to identity theft. The Treasury Inspector General for Tax Administration, which is part of the U.S. Treasury.

The IRS said it has made a significant increase for the 2013 tax season in the number and quality of identity theft screening filters that spot fraudulent tax returns before refunds are issued. The IRS has dozens of identity theft screens now in place to protect tax refunds. These efforts helped the IRS in 2012 protect $20 billion of fraudulent refunds, including those related to identity theft, compared with $14 billion in 2011, the IRS stated.

Follow Michael Cooney on Twitter: nwwlayer8 and on Facebook.

Read more about wide area network in Network World's Wide Area Network section.

Join the CSO newsletter!

Error: Please check your email address.

Tags identity managementFederal Trade CommissionNetworkingsecurityinfrastructure managementAccess control and authenticationendpoint securityWide Area Networkmanagement

More about FacebookFederal Trade CommissionFTCInternal Revenue ServiceInternet ServicesIRSIRSPhoenix

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Michael Cooney

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place