A stolen identity is a powerful cloak of anonymity for criminals and terrorists and a danger to national security and private citizens alike. For the FBI, identity theft is nothing new—we've been dealing with criminals faking IDs for decades, from check forgers to fugitives on the run. But the threat is more pervasive and the scams more sophisticated than ever, including online elements. The FBI uses both its criminal and cyber resources—along with its intelligence capabilities—to identify and stop crime groups in their early stages and to root out the many types of perpetrators, which span the Bureau's investigative priorities.
The FBI also taps into its investigative partnerships with federal, state, and local law enforcement (including dedicated task forces in major cities) as well as information-sharing partnerships with every sector of business, government, and education. The Bureau also reaches out with information and education to make sure identity theft doesn’t happen to you.
To specifically address the growing problem of identity theft, Congress passed two laws:
- The 1998 Identity Theft and Assumption Deterrence Act, which amended Title 18, U.S. Code, Section 1028 to make it a federal crime to “knowingly transfer or use, without lawful authority, a means of identification of another person with the intent to commit, or to aid or abet, any unlawful activity that constitutes a violation of federal law, or that constitutes a felony under any applicable state or local law.”
- The 2004 Identity Theft Penalty Enhancement Act, which established penalties for “aggravated” identity theft, which is using the identity of another person to commit felony crimes, including immigration violations, theft of another’s Social Security benefits, and acts of domestic terrorism. The act required the court to sentence two additional years for a general offense and five years for a terrorism offense.
Along with names, Social Security numbers, and dates of birth, fraudsters also use Medicare numbers, addresses, birth certificates, death certificates, passport numbers, financial account numbers (i.e., bank account, credit card), passwords (e.g., mother’s maiden name, father’s middle name), telephone numbers, and biometric data (e.g., fingerprints, iris scans) to commit identity theft.
According to the Federal Trade Commission, identity theft complaints nearly doubled between 2010 and 2015. However, the number of identity theft victims and total losses are likely much higher than publicly-reported statistics. It is difficult to provide a precise assessment because different law enforcement agencies may classify identity theft crimes differently, and because identity theft can also involve credit card fraud, Internet fraud, or mail theft, among other crimes.
Some of the more prevalent schemes criminals are using these days to steal identities include suspicious e-mail and/or phishing attempts to trick victims into revealing personally identifiable information; “smash and grab” burglaries involving the theft of hard copy driver’s licenses, credit cards, check books, etc.; and computer and network intrusions that result in the loss of personally identifiable information.
The FBI is working to address an emerging identity fraud threat—stolen identity refund fraud. This scheme involves perpetrators acquiring victims' dates of birth and social security numbers, and then filing fraudulent tax returns using this information, directing the refunds to prepaid debit cards or bank accounts under their control. Victims often don't realize that they have been targeted until they try to file their legitimate tax returns or receive a tax audit notice in the mail.