In my industry (national credit bureau), I have to accept that our customers -who are big lenders like Chase, GMAC, Citibank, etc - are going to have their own consumers (Joe Public) who will fall victim to fraud.
Joe Public gets his credit report, and learns that he has two defaulted credit cards in excess of 15,000 bucks that he never opened. He always had stellar credit and goes to the credit card companies and explains that he feels he was a victim of fraud, and the charges they have in his name aren’t his.
The creditors put up some resistance, and basically drop some burden of proof on the alledged victim. The creditor and the victim speak on the phone, and the fraud department of the creditor tells the victim that the accounts were opened on-line at their web sites. Someone might have applied with the victims stolen identity and had credit accounts opened under a new address.
This happens enough that when I hear this, I always am left to wonder:
If some fraudster pops into Bankwhatever.com and fills out the two or three pages of paperwork, and gets a card approved in someone else’s name, doesn’t Bankwhatever know information about the applicant that goes beyond what they typed in on the form?
Can a webite/webhost know what ISP the fraudster came from? How about the fraudster’s ID from his PC or ISP (even though it might be bogus), or if they were on a network, isn’t there a way to go all the way back to the source computer?
Know, I know in many cases criminals cover their tracks, but in many cases, they don’t, or don’t know they even have tracks to cover.
Should I be pissed at creditors? DO they know information about the people that fill out applications at their websites that isn’t just the “form” info? CAN they make an effort to use this info and track down fraudsters?
What tools do they have (technical tools) that can get them info about people visiting their sites? And this goes beyond just banks site…
…or are site visitors pretty stealthy?
What’s the dope?