Full slide deck from February 12, 2014 Webinar.

1. Welcome to the Financial Management Institute
WednesWdaye, Fbeibnruaarry 12, 2014 1:00pm EST
I.D. Theft: Fallout,
Investigation, and
Prevention

2. Panel:
• Jennifer Fiddian-Green, CPA, CA-IFA,
CMA, CFI, CFE, CAMS, Forensic
Accounting, Investigations and Anti-Money
Laundering, Grant Thornton LLP Canada
• Dt. Ian Nichol, Detective at Toronto Police
Service Financial Crimes Unit
Moderator:
• Lori Glen, FBMC Executive Coordinator at
Ministry of Finance, Government of Ontario

3. Who’s Collecting Your Data?
Do you Trust them?
Jennifer Fiddian-
Green
Partner, Grant Thornton

4. Identity Theft and Mortgage Fraud
• Received call from mortgage
company collector: 'late on payments
and where was the money?'
• Two properties, each with a
mortgage, located in Brantford,
Ontario
• Together likely worth about $360,000;
registered mortgages totaled
$494,060

5. Identity Theft and Mortgage Fraud
• Two different financing companies lent
money to organized group using my name
and SIN number.
• No actual interaction with the ‘customer’-
transaction completed through phone call,
fax, and mortgage broker.
• Other than name and SIN, all other
information on file was false.

6. Equifax and TransUnion
• Obtained reports electronically from
websites…
• Concern immediately was the number of
organizations who had accessed credit
information (as opposed to there being a
lot of credit accounts that I was not familiar
with)

7. Attempts Made to Obtain Financing
Interestingly… I identified 12 attempts to
use my credit to obtain financing, only 2
attempts were successful. What happened
in the other 10 cases?
Fraudsters learned with each attempt made (but the
last two were not the successful two). The application
did get better and better. In the beginning the
‘FiddianGreen’ application was likely not that
sophisticated

8. How can you be aware of the damage
 Any number of things can have already
occurred:
• Money is withdrawn or transferred
• New accounts or loans have been created
• Credit cards or any goods & services ordered.
• Retail purchases
 Damage to credit records and
other negative impact can
be irreversible

9. Signs of being victimized
 Creditors mentioning and requesting funds for
unknown loans
 Notices of denied applications or other letters
hinting at unknown activities
 Bills for goods and services
 Missing statements or mail indicating that
correspondence is being diverted
 Banks contacting by email or telephone,
indicating to go to branch and get a new card

10. How Easy is it to Obtain the Personal
Information…
• Theft of mail/mail diversion
– Completing a change of address form
– New cheques, bank and credit card statements, promotional offers
– Tax information/forms
• Organizations, government, businesses and institutions
– Stealing/hacking information from employer: data on servers, screen shots,
photos
– Thieves infiltrate as employees
– Bribing targeted employees who have access to records
– Social engineering - “conning” information out of employees
– "Lost" data as it is couriered, transported between locations
• Theft of credit or debit card numbers
– “skimming” - capturing cardholder information in a data storage device

11. How Easy is it to Obtain the Personal
Information…
• Courier carriers- lost data after pick up
• Credit reports
– abusing their authorized access from their employer
– posing as a landlord, employer, or someone else who may have a legal right to
access your report
• “Dumpster diving”
– rummaging through trash and dumps
• Physical theft of wallets, purses, electronic
storage devices, house break-ins

12. …the Data is Accessible, So Many
Sources…
• IT servers, where are these today?
Outsourced operations, CLOUD computing
• Garbage, recycling, 'secure' document
destruction
• “Phishing” and “pretexting”
– Theft of personal information by posing as legitimate companies claiming
that you have a problem with your account. Telephone and
computer/email
• Keystroke logging, data copiers

13. The Bigger Picture
• The integrity and credibility of our
systems is essential, foundational. We
need to be diligent
• Protection of personal information is
paramount: Organizations, credit
bureaus. businesses, government need to
be vigilant!
• Lending organizations need to be
proactive in work undertaken to know
their customer
• Managing fraud risk costs money. Where

14. Visiting the Two Mortgage Companies
• CIBC issued the mortgage using their
‘Firstline’ branding, I was a legitimate
customer at the time
• Other company- non-conforming mortgage
company, they called me looking for
payment, same broker had 2 other deals
that resulted in ID theft, appears she was
targeted by fraudsters
• Understand that both of these companies
are victims.. But also unwitting enablers!

15. Calling the Seller!
• Within about three days I had reached a
point where I knew (or thought!) the next
step was to contact the seller of the
properties
• Same name in each case- ‘the husband’

16. How Could This Happen?
• Financing/lending companies
• Appraisers
• Lawyers
• Mortgage Brokers
• Real Estate Brokers
• Credit Agencies
• Land Registry Offices
• Hot real estate market, increasing prices

17. So it’s about information
Minimum amount of information to impersonate someone
is simply a name but access to the following can cause
real damage
 Full name
 Date of birth
 Social Insurance Numbers
 Full address
 Mother’s maiden name
 Username/password for
Web sites

18. Observations on Identity
Theft
Detective Ian Nichol
Toronto Police
Service
Financial Crimes Unit

19. Identity Theft Provision: Bill S-4
• Enacted January 8, 2010
• Recognized identity theft was not
sufficiently addressed in Criminal Code
• Created new offences for acts that were
related to fraud/personation, but not
specifically illegal.
• Electronic interception now authorized for
offences related to forgery, identity
documents, and personation

20. New Offences Created
• Identity theft & Trafficking of Identity
Information
• Personation to avoid arrest, prosecution, or
obstruct justice
• Possession & trafficking of forged documents
• Make, repair, trafficking of forgery
instruments, credit card forgery devices
• Possession Canada Post mailbox key
• Fraudulent re-direction of mail

21. Toronto Police Service & Identity Theft
• Individual offences investigated at Divisional
level
• Criminal organizations dedicated to identity
theft investigated by Financial Crimes Unit,
Organized Crime Section
• Charge of Participation in Criminal
Organization seldom laid
• Most identity theft investigations relate to
Criminal Organizations, but not investigated
as such

22. Typical Investigations by FCU/OC
• True name identity theft
• Complicit identity theft
• Payment card cloning
• Profile creation. (Not identity theft, but
identity creation)

23. True Name Identity Theft
• Account take-overs
• True-name false account applications
• “Creations” from true identity
• Fraudulent advance tax returns
• Title theft
• Vehicle lease/theft
• Immigration fraud
• Warrant avoidance
• Avoidance of travel restrictions
• Laundering proceeds of crime

24. Complicit Identity Theft
• Ex-patriots returning home, sell identity for
exploitation
• Allow account take-over & feign being
“victim”

25. Payment Card Cloning
• Identity information (card data/PIN’s)
unlawfully obtained through ATM/POS
tampering, server breach, hacking
• Forged payment cards produced and
utilized. (Victim’s inconvenienced, but
usually assume no losses)
• “Identity Theft Light”

26. Identity theft is usually a group effort

27. Connectors & Brokers
• Middlemen with connections to persons with
access to identity information, provide
“players” with info sought
• Continuously developing new contacts within
financial community, other private sector, and
government. (wine + dine/pay per “profile”)
• Treat Identity information as a commodity.
• May do so in person, or via web
• Generally ID info is sold in “bulk”

28. Persons with access to Identity
Information
• Bank employees
• Other corporate employees
• Government employees
• Other persons with access (Doctors office,
insurance companies, etc.)

30. C-phone on bank call-taker when
arrested

31. Crew leaders directing “runners”

32. Forgers are required

33. Organized crime versus networks in GTA
• Some operate within loose networks who
maintain connections, but not aligned with
any particular group
• Others clearly operating within criminal
organizations, many of which are based
outside of Canada

34. Web enabled criminality
• Players rely heavily on underground web
for ID information
• Ability to network greatly enhanced
• Players operate internationally
• Multi-national investigations pose
problems for law enforcement

35. • Ability to operate enhanced by web based
applications that allow call spoofing, I.P.
spoofing, ID shopping
• Ability to operate internationally
• Web utilized for money laundering

36. Hamond JINADU’s “research”

37. Money laundering sites
Closed by US Secret Service

38. Call spoofing site

39. I.P. Spoofing Site

40. Skype Message to accused in
Toronto, from runner in Chile

41. About Prevention of Identity Theft
• Tolerance of identity theft is incentivized
• Those in a position to counter identity theft
actually realize financial benefit if they
allow it. (Retailers, used car dealers,
jewellers
• If approval for suspect transaction is
obtained, they get paid. No incentive to
exists detect or deter fraud

42. Social Attitudes
• “No blood, no foul”
• Non-violent, therefore, not important
• High level of tolerance towards fraud.
Banks perceived as enemies. “Victims will
get their money back”

43. Recent Identity Theft Investigations
(Crim. Org Laid)
• R v MARINOV et al (Project Holiday)
• R v JINADU (Project Easy)
• R v RAMASAMY (Project Rocket)

44. Questions and
Answers
Be sure to tune in to next month’s webinar!
• “Reflections from an International Financial Management
Professional”
• Presenter: Kevin Ross
• Tuesday, March 4th, 2014