Last week I thought I had lost my wallet … and called Visa. During our conversation, they discovered that they didn't have my complete address and took down my apartment number and so forth. Today I received this letter from Wells Fargo Card Services:This letter was sent, of course, to the new address. That means (1) if the address change had in fact been the work of an identity thief, Bill would never have been notified; and (2) the thief would not even have needed to call Wells Fargo to confirm the address, since the letter only requires further action to disconfirm the address change.
Thank you for your recent change of address. In an effort to prevent fraud on your account, this letter is to confirm the change is valid.
Your new address is now listed as:
[redacted]
If this change was made without your knowledge and is invalid, please call us immediately at [redacted].
If the change is valid but incorrect, please call our Customer Service group at [redacted].
If this is the kind of fraud protection we’re getting from our financial service providers, it’s no wonder identify theft is so common.
9 comments:
That letter would be funny if it weren't true. Instead it's sad.
I think it confirms that there are seriously stupid people making decisions at Wells Fargo Card Services.
Glen, I think you were a little trigger-happy with your condemnation...
I'd presume many if not most identity thieves would likely change the address to one not their own - where deliveries can be made without the resident's knowledge, perhaps, or maybe to one matching false identification. (If they use their own address, catching them is presumably easy) If the given address is entirely fictitious, the letter would be returned as undeliverable and the account would be flagged. If the address is real but being used as a drop, then the letter could be returned by the actual resident, again flagging a fraud. If the letter is actually opened by such a resident, then the given content becomes relevant, telling the resident a fraud may be happening, again allowing them to contact the company and flag the account.
Since the letter is not much intended for the account holder, the disconfirmation strategy serves to avoid his needless hassle.
Z -- I think it's pretty odd to count on the altruistic efforts of residents who receive mail that's not addressed to them, especially since it's *against the law* to open up mail that's not addressed to you. And in any case, I doubt the creditors pay much attention to mail returned to sender. As a victim of identity theft, I can tell you that accounts have been opened in my name using my old address, and I haven't found out until collection agencies tracked me down months later at my new address. Apparently the bills were going to the old address for the entire time without sending up any flags.
I moved a few months ago; one of my credit card companies sent a confirmation card to *both* addresses. The one to the old address took longer to get to me since it was auto-redirected by the post office.
Someone stole my identity once. Interestingly enough, they paid the bills promptly every month. I guess they just liked being me. I guess *stole* isn't the right word. Can someone out there tell me the word for someone who steals but doesn't really steal? Is *identity assumer* a word that is commonly used? Is it against the law to be me without doing bad things? I read in a philosophy book once that it was okay to steal an apple if you were starving to death. Does the same thing apply if you have to steal a credit card to survive. Well maybe they are not really stealing if they pay the minimum every month. Just some thoughts.
It's my understanding as well that they send the letter to both addresses.
You could call and ask.
Glen, I never got anywhere close to saying addressees could be counted on for stopping identity theft, but you seem to assert, given your ridicule, that the fallibility of this tactic means it will *never* work. Logically, if this technique works even occasionally to catch thieves (your n=1 statistical sample notwithstanding), it could be reasonably argued to be worthwhile, which was my point - a point made to counter your and others assertions that this letter is worthless, pointless, and confirmation of corporate stupidity. Let me ask you this: if your identity was stolen again, would you not want creditors to even try this method? A longshot is better than no shot at all, isn't it?
Z -- I didn't mean to ridicule, only to express doubt. I'm sure the method you describe catches some identify thieves, but relying on the kindness of strangers just doesn't sound reliable to me. If the identity thief chose the new address, it's not unlikely that the identity thief could be monitoring the new address.
Some here have said the companies send letters to both addresses, old and new. That sounds like good practice, but I have severe doubts (based on my personal experience) whether it's common practice. My experience is that the creditors' fraud protection programs generally suck. They regularly grant credit with only minimal information and checking. Even a simple credit check would reveal my current address, and yet multiple accounts have been opened in my name at my defunct address. This has happened with major companies (like Sprint), not just fly-by-night operations. Given this background, I'm not inclined to give them the benefit of a doubt on the wisdom of their identity-fraud protection mechanisms.
The really funny thing is that the next day I got my new card, at my "new" address. So even if this had been a sensible confirmation system, they didn't leave enough time for it to work. Wells Fargo's intentions seem to be good - they do call me with some frequency to make sure that what seem to them to be uncharacteristic purchases are mine.
Post a Comment