Truth 19 Fake credit card applications

Have you ever been accosted from someone looking in one of those little kiosks as you’re walking through a mall? The solicitor intercepts you as you walk past, talking you into applying for new cell phone service, signing some whacky petition, or entering a drawing to win a brand new car.

One day I was shopping, and I noticed that people who obviously had no interest in buying a new phone or filling out one of these surveys would actually stop and listen. Next thing they know, they are testing new cell phones, filling out surveys, or signing up with high hopes of winning that brand new car. It was during this time that I had a brilliant idea. I was going to set up a kiosk dedicated to committing identity theft.

The plan

My plan was simple. I created a fake credit card company and allowed people to sign up to receive a credit card. I realized there would be a few hurdles I would need to jump through to convince people to give me their confidential information.

First, I needed a company name. So I went online and looked at names of other credit card companies. I made up the name Bankers Card Services, which sounded similar to other names that people may have heard. Next, I had a coworker draw up a few different logos. Once the logo was ready, I created a nice canvas banner that a copy store was more than happy to print for me.

With the company logo set, I now needed a hook. I went with “no interest for the first six months and no annual fees.” I then had flyers printed outlining the offer, which added legitimacy to my illegitimate business. I then worked with another engineer to create software that would allow the user to fill out the form using a computer right at the mall. Lastly, I rented a touch screen computer and ordered a professional-looking kiosk. In no time, I was Bankers Card Services and ready to begin stealing identities.

The attack

The first stop was a mall in New Jersey. I set up everything and even purchased several $5 gift cards good for use at the mall. I realized that someone a little younger and a lot prettier might have more success than me at starting successful conversations with strangers. So for this attack, I engaged Jessica, an engineer out of our Baton Rouge office.

Within minutes, Jessica was already succeeding. A friendly couple walking by, stopped, and waited patiently as Jessica told them about no interest for six months and no annual fees. As they talked, she casually walked them over to the kiosk and explained that all they needed to do was apply today to get the $5 gift card. Even if it turned out they didn’t qualify, the card was theirs to keep. Not giving the couple a moment to discuss it between themselves, Jessica had the computer screen up and was showing them where to enter their names.

The man typed in his name, address, phone number, social security number (SSN), driver’s license number, and mother’s maiden name. He clicked the Submit button and, just like that, he was a victim of identity theft. Jessica thanked them, gave him the gift card, handed them a flyer, and told them they would receive a letter in the next couple of weeks letting them know if they qualified for the card. They thanked her and walked away.

Sadly, even I underestimated just how big of a separation there is between an average guy and a pretty girl. Throughout the day, for every person that I pulled in, Jessica pulled in four or five. As we started revealing to people that this entire offer was just an identity theft attack, most had the same response: “She seemed so sweet” or “He seemed like such a nice guy.” And that’s what makes some identity thieves so successful.

People have an image in their minds of what a criminal should look like. Dark glasses, thick beard, freaky tattoos—you know, the bad guy. No one suspects the cute girl with the long blond hair, bright blue eyes, and sweet southern accent. But the criminal’s goal is to be someone you would trust—the girl next door, the guy who bags your groceries, or even someone you might let your kid date.

While the mall turned out to be a huge success, we thought it might be interesting to see how college students might react to this same attack. We packed up and took our credit card offer to Austin, Texas. We set up shop on the sidewalk near the college campus and had the same success. College kids lined up at the chance to get a credit card. Again, when we told them the truth, they also couldn’t believe that someone who seemed so nice had actually been lying to them.

Protecting yourself

By now it should be clear that, while many identity theft attacks happen over the phone, via email, or in other ways where the thief can remain anonymous, there are cases in which you will actually meet and shake the thief’s hand. You need to be certain you are not making simple and obvious mistakes that could have disastrous results.

Never give your personal information to anyone unless you are absolutely certain you know who they are and how that information will be used. I realize that sometimes you just can’t be totally certain, but it is always better to err on the side of caution.

Instead of signing up at the kiosk, ask for contact information and do your own research. If you’re told the offer is only available while you are there, walk away.

Just because the people are nice or look innocent doesn’t mean you can trust them.

Even a setup that looks professional or elaborate can be nothing but props to a thief. In reality, it took very little time and money to set up the entire fake business.

There are probably legitimate businesses that actually offer credit card applications at a mall kiosk or other outdoor locations; my advice is to stay away. If you are looking for a credit card that offers good rates, talk to your friends and see who they use. You can also check with your local banks and credit unions.