- Dug out of trash cans and dumpsters, known as "dumpster diving"
- Memorized or copied by sales clerks and waiters
- Removed from your mailbox in the form of tax notices, financial account statements and other bills before you have a chance to get them or even know they are there
- Removed from your employer's files, either secretly or with the help of an inside accomplice
- Removed from your hospital records, usually with the help of an inside accomplice
- Removed from your financial lender's files
- Removed from your landlord's files
- Purchased (or found free) in online (or offline) databases
- Collected from "cloned" Web sites (Someone may recreate a legitimate merchant Web site in order capture your personal information and credit card information when you place an order.)
- Stolen from a merchant database through computer hacking (This is not as simple as other forms of theft.)
- Stolen through hacking into commercial Web sites or your personal computer and using software to mirror keystrokes to capture credit card account information
- Collected from "cloned" chat rooms that include links to outside Web sites that offer services or products (None of these are real merchants; your information is simply gathered so the criminals can make purchases elsewhere.)
Basically, anywhere you've provided that information can be a target. Often, employees who have access to the information are bribed or offered a cut of the profits in exchange for personal information about other employees. The more sophisticated the perpetrator, the more money is stolen and the more people scammed. Clerks can even put skimmers on the credit card machines that will record credit card information for later use. Temporary employees seem to be more frequently involved in identity theft scandals than permanent employees, simply because fewer background checks are done on them.
What about all of the publicly available information someone can access about you? Sources for this information include:
- Public records - These records that are open for public inspection include driver's license information, real estate records, business records, vehicle information, certain types of professional certifications and licensing information, and any other types of data collected by public entities.
- Information that is publicly available - This means non-government information that is found in newspapers, such as classified advertisements and reports, as well as phone book entries.
- Open-source information - This refers to information about you that may be found in periodicals and on Web sites.
While some information about your life is pretty well protected, such as medical, financial and academic records, your other identifying information (social security number, home address, etc) is not so protected. One scary statistic: According to the Federal Trade Commission (FTC), in 2000, 19 percent (as opposed to 13 percent in 2001) of all victims of identity theft who completed that section of the FTC complaint form had a personal relationship with the thief; 10 percent of those thieves were family members.