Free birth certificate template

Two men allegedly tried to drain the brokerage and bank accounts of America's wealthy. Cops recently cracked the case, giving a glimpse of a quiet epidemic: Identity theft.

THE NEWS LAST WEEK THAT TWO Brooklyn men had allegedly usurped the identities of such luminaries as Oprah Winfrey, George Soros and Ted Turner to steal millions of dollars proves that no one is immune to identity theft, a range of crimes that runs from stealing credit card numbers to concocting phony personas, complete with credit reports and college degrees.

That's what the New York City Police Department's Computer Investigations and Technology Unit learned when it cracked the case of Abraham Abdallah and Michael Pugliese, the two men arrested and charged with possession of forged instruments and attempted grand larceny. In a complicated scheme, the men had allegedly obtained credit reports and other information about some of America's wealthiest individuals to access their brokerage, credit card and bank accounts. Abdallah's attorney says the fact that his client had the names doesn't mean he's guilty of the crimes.

Officials could not say how widespread the crime was and which celebrities had been targeted. What they do know was that when they arrested Abdallah March 7, they found a copy of Forbes' annual report on "the 400 richest people in America." Written into the margins of the dog-eared magazine was some of the wealthy individuals' home addresses, bank account numbers, account balances and even their mothers' maiden names, which are often used as account passwords. Although the police did not release the victims' names, sources close to the investigation say they included record mogul David Geffen, Disney CEO Michael Eisner and media powerhouse Martha Stewart.

What is known was that it all began in December, when Merrill Lynch received an e-mail requesting that $10 million be transferred from the account of Thomas Siebel, founder of the software firm Siebel Systems, to an account in Australia. The transfer would have caused an "imbalance" in Siebel's account, so the brokerage contacted him. The executive said he never made the request. Merrill Lynch then found similar requests on the accounts of other well-known clients and alerted the authorities.

While New York City police detectives and federal investigators continue to unravel the plot, some hope the case's notoriety will convince local law enforcement agencies across the country to take identity theft seriously. Like other crimes the Internet has helped to facilitate, such as securities pump-and-dump operations, credit card fraud and investment scams, ID theft is dramatically on the rise. Responsibility for policing the crime on the national level is sprinkled over more than half a dozen agencies, including the Social Security Administration, the FBI, the Secret Service, the Postal Inspector's Office and the Justice Department. Leading the multi-agency effort is the Federal Trade Commission.

In contrast to the television spotlights that shone on last week's case, FTC attorney Jim Kohm and his assistants work in quiet anonymity. Most of their work takes place in a small computer lab at FTC headquarters in Washington. The lab is crowded with attorneys and investigators surfing the Web. Bleary-eyed staffers come and go. The investigators download evidence onto Zip disks and pore over computer printouts.

Kohm is hunting for Web sites that offer to sell you someone else's identity or an entirely fake identity -- just one of the many ways that the Internet can facilitate identity theft. By themselves, the objects of the crime seem innocuous enough: Social Security numbers, addresses, birthdays and other personal data. But taken together, they allow a thief to use someone else's driver's license number, birth certificate, security clearance or even a college degree as if it were his or her own.

The tools of Kohm's trade are simple: off-the-shelf software, including Web Detective, Snagit and Sam Spade. But the team's task is overwhelming. The agency expects to receive more than 100,000 calls this year from people affected by identity theft. "It's like trying to put the toothpaste back into the tube," says Kohm.

The irony of the Internet's role in all this is that it makes so much personal data available to steal while allowing criminals to work anonymously. And after assuming a new persona, the thief exploits the Net's lightning speed to quickly use his or her new identity for profit.

Last week's incident could be the biggest scam yet in an epidemic of identity theft, which has been a federal crime since 1998. The FTC, charged with helping consumers whose identities have been misappropriated, received between 100 and 200 calls a week when it opened its toll-free help lines in November 1999. Now it gets as many as 2,000 calls a week.

During a recent surfing session, Kohm stumbled across a site that would let him buy forms to make false driver's licenses, birth certificates, student IDs, permits to carry concealed weapons, bartender cards and other types of identification materials. Some of the site's metatags -- hidden words or phrases used to help search engines identify and index a site's content -- included "illegal ID," "fake ID fraud," "forging documents" and "how to create a new identity."

The ID site offered two levels of service. The first let visitors download and print forms for free. The other provided a better quality template but required membership fees ranging from $29.99 to $49.99. Using a fake ID template from the site and a link to a Social Security number verifier program, it took FTC investigator Glen Aldridge less than 10 minutes to find a Social Security number that was issued in Utah in the birth year she was looking for. (Numerous Web sites provide information on Social Security numbers for a small fee.) Later, she was able to verify the name and address of the person with that Social Security number. Other information that was readily available online included birth date, previous address, spouse's name and telephone number.

After having her picture taken with a digital camera and downloading the forms for the licenses, Aldridge became Laney McBride of Salt Lake City and Laney McBride of Tampa, Fla. Had Aldridge chosen to, she could have opened charge accounts, obtained bank loans and applied for benefits under her new name.

As it happens, this case wasn't too hard to crack -- the site's proprietor, a Tarzana, Calif., marketing specialist named Jeremy Martinez, listed his name and address on the site. In most such cases, however, the person selling access to new identities -- or ways to create a new identity -- is difficult to find.

Martinez's attorney, Megan Gray, says her client is cooperating and notes that he shut down his site in December. "He's not doing anything wrong," Gray says. "They're novelty identifications. One was for identification for the Russian mafia. It's obviously a joke. If people want to use them for other things, such as fake driver's licenses, he's not responsible for that."

Identity theft expert David Myers compares such cases to "ghost chasing." Most of the time, someone whose identity has been stolen isn't aware of the theft until a credit card bill arrives or a collection agency comes calling. Homes and cars have been bought. Driver's licenses secured for ineligible drivers. Underage drinking facilitated. Taxes evaded. Fraudulent loans obtained. And, in the New York case, it appears that brokerage accounts have been debited.

"It's a very difficult case to work," says Myers from his Tallahassee, Fla., office, where he is in charge of the Fraudulent Identification Program for the Florida Division of Alcoholic Beverages and Tobacco. About 30 percent of the false ID documents his office seized in 2000 were obtained on the Internet, up from about 1 percent the previous year. Myers expects that figure to rise to more than 60 percent in 2001.

Until recently, identity theft was considered primarily a crime against businesses -- the banks, merchants, credit card companies and others that write off the bad debts of identity thieves. But the problem hits online retailers even harder than traditional stores because businesses that have the credit card number, but not an imprint of the card and the signature of the buyer, cannot hold the card issuer responsible. That means the unlucky online retailer has to swallow the charges.

And while a consumer's liability for unauthorized charges is capped at $50, that doesn't mean identity theft is a victimless crime. In a room full of carrels at FTC headquarters, counselors calmly answer calls to the agency's identity-theft hotline. The callers are often confused and upset.