Bangkok airport scam and fake police

bangkok airport shop

We good citizens are trained from an early age to respect authority. It’s not easy to ask a uniformed policeman for identification, or even a plainclothes officer who flashes a badge. And if we were to request ID, how closely would we scrutinize it? Would we detect a fake? What about identification in a foreign language, Thai for example, or Russian?

What’s the difference, anyway, between a pseudo cop—an impostor—and a legitimate but corrupt official? Both rely on their perceived authority, both act fast (before they’re found out, by the victim or others), both do the shake-down dance in one form or another. We, the good citizens, never see it coming. “It all happened so fast,” one victim told me, “I knew something wasn’t right, but I didn’t have time to think.” We’re more than victims of crime here. We’re victims of our upbringing, we who are taught to follow rules and obey laws.

Bob and I were accosted by pseudo-cops in Russia. I can tell you, it’s frightening, especially when the scene expands to include additional players. Sydney’s had them, and so has Barcelona. Stockholm’s in the news now with pseudo cops stationed at ATMs frequented by seniors, collecting PIN codes under the guise of “regulation.”

BBC News reports a horrific scam that takes place in the Bangkok airport. A number of travelers browsing the duty-free shops have been accused of shoplifting, put in jail holding cells, and forced into negotiations that amount to police extortion in exchange for their release. They’re being tricked into relying on the advice of a man who seems to be a police accomplice.

One of the victims in this report, Stephen Ingram, was taken by airport security to a police office, put in a cell overnight, then given an interpreter. The interpreter took him (and his travel companion) to a police commander who attempted extortion of over US$12,000 and threatened a prison stay of two months before they’d even get their case heard. After paying a portion of the “bail,” Mr. Ingram and his travel partner were put into a hotel and told not to leave, not to contact a lawyer or their embassy, and cautioned that they were being watched. They eventually escaped and got the their embassy, where they learned they’d been victims of a classic Thai scam called the “zig-zag.”

An Irish woman was subjected to the same scam when she made a small purchase at the duty-free shop. She bought an item of makeup, which the shop clerk put in a bag; a customary practice, right? On leaving the shop she was surrounded by security guards shouting ‘You! You! You go jail six months.” The shopping bag contained an item not paid for. Did she steal it? Did the shop clerk plant it? Did the guards? The woman was held overnight “in filthy conditions,” and eventually had to pay up to free herself and her passport.

In her case, the Irish woman thought she had purchased two items. She paid by credit card but didn’t pay attention to how many hundreds of baht she was charged. Did the shop clerk intentionally charge for only one item, as a set up? Why, otherwise, did security immediately pounce on this customer?

Both of these examples begin with the company called King Power, which runs the airport duty-free shops, and both include collusion by government officials and others. King Power has tried to substantiate some of its accusations with surveillance video, and has three cases “explained” on its website.

In an article in the Irish Daily Mail, Andrew Drummond wrote that in Thailand (where he is based), this is called the “Monopoly scam, ”

not so much because of the high amounts of money involved but the fact that victims…could buy …˜Get out of jail’ cards to escape airport shoplifting charges. These …˜cards’ were letters issued by the local prosecutor and police.

Fake police with false ID at Bangkok airport. How is one to know what's real?
Fake police with false ID at Bangkok airport. How is one to know what's real?

Bangkok airport, it seems, is infested with scammers, corrupt officials, and according to the pictured article, pseudo-cops. There are more horror stories:

Paul Grant and Lynn Ward, both from the UK, separately reported another Bangkok airport scam. In this one, incoming passengers are instructed by a customs officer to put their duty-free items into their checked luggage when they retrieve it from the carousel, and that they should not declare the items, “or they will be prosecuted for smuggling.” When exiting the customs area, other customs agents “discover” the undeclared items, and levy hefty fines or threaten jail. ATMs are conveniently located beside the customs office, or travelers are escorted to machines in order to withdraw the large sums charged.

If you haven’t read this or another warning specifically about the shake-downs in Bangkok’s airport, you haven’t got a chance should you be chosen to be a victim.
© Copyright 2008-2009 Bambi Vincent. All rights reserved.

Hotel oddity #2

In our hotel bathroom.
In our hotel bathroom.

We had a large and beautiful room at the Corinthia Lisboa Hotel in Lisbon. The business hotel’s casual restaurant, Tipico, is excellent, and features a highly-polished version of Portugal’s mosaic sidewalks on the floor. Our room contained every convenience.
© Copyright 2008-2009 Bambi Vincent. All rights reserved.

Kill bed bugs with heat

Kill bed bugs with heat
Display at a tourism safety and security conference.
Display at a tourism safety and security conference.

Bed bugs, we read, are living in hotels everywhere, dining on us. As a frequent hotel guest (200+ days a year for 16 years) I’m surprised that I’ve never noticed them. Mosquitos are attracted to me and I react badly to their bites. But bed bugs—I haven’t run into. Or maybe I repel them.

Kill bed bugs with heat

A large display at the recent California Tourism Safety and Security Conference caught my eye. The company provides a bed bug-baking service for any size space. Four hours at 130° does it, they say. Maybe less. Confidentially. So your neighbors (or other hotel guests) don’t know you’ve got bed bugs.
Ick.
© Copyright 2008-2009 Bambi Vincent. All rights reserved.

A pudding

Malva pudding; weekly mail pudding

After twenty years of baking this decadent dessert, which I’ve called by a name I’m quite fond of, I must finally, if fleetingly, commit to its spelling. I’ll take its lovely, ambiguous, oral name, so full of interpretation, possibility, and nuance, and relegate it to a finite, deficient, inadequate written one which prevents the mind from wandering.

Malva pudding; weekly mail pudding
A Malvalous dessert.

Twenty years ago (wow!) Bob and I took a one-year contract in South Africa. We were given an apartment with two servants, a cat, and pesky baboons (another story), and a rudimentary kitchen. At some point I started baking a dessert recipe that I found in the local alternative newspaper, The Weekly Mail. Part of a flour ad, the recipe had a dull, generic name, something like Snowflake Flour Pudding, or Baked Apricot Pudding. I’ve called it Weekly Mail Pudding ever since but, not having written of it, I’ve never had to spell it. I’m sad that I must now, in order to tell the story of the pudding. Bob and I refer to it so casually that, when I serve it to friends, I forget how odd the name sounds.

Malva pudding; weekly mail pudding
Carmelized comfort.

Malva Pudding

That was the first third of the story. The third third is the recipe itself, at the end. The second third is this. A few months ago in Cape Town, I suddenly came to realize that this dessert is properly called Malva Pudding, and is a South African classic of Dutch origin. (I should also mention that pudding is a generic British term for dessert. This one is a moist cake; not at all a custardy pudding.)

Bob and I stopped at a Cape Town cafe for coffee. I sat down and opened the laptop while Bob looked at the treats on offer. He returned to the table with a gorgeous little cake, not much bigger than a muffin. Its deep brown, shiny surface had large pores and a little buttery froth, like an over-tanned face with a smudge of Coppertone. The cake was not decorated or garnished. It looked moist, and smelled like toasty caramel. Makes my mouth water just thinking of it, even now.

“What’s that?” I asked Bob.

“I don’t know, it just looked good,” he said.

“Looks like Weekly Mail Pudding,” I said.

One bite confirmed it. Examining the cafe’s display case, I saw that the cake was labeled Malva Pudding.

Subsequent research indicates that apricot jam is one of the dessert’s defining characteristics. I never sense much flavor from the jam. Therefore, I’ve always used whatever jam I have on hand: ginger, orange, raspberry…. I used pomegranate jam in the one pictured here.

I give you my scrumptious version of this recipe on the conditions that, if you call it anything at all, you call it by its lovely, ambiguous name; that you refrain from writing its name; and that you forget any spelling of the name that you’ve seen here.

The recipe:

Weekly Mail Pudding

    1 Egg
    1/2 cup sugar (125 ml)
    2 T jam (25 ml)
    1 cup milk (250 ml)
    1 t baking soda (5ml)
    1/4 t salt (2 ml)
    1 cup CAKE flour* (250 ml) (or “self-rising” flour)

 

Directions

    1. Preheat oven to 350 F. (180 C)
    2. Butter a glass baking dish, at least 12″ x 7.5″x 2″. (18 x 30 x 5 cm) Preferably a little larger.
    3. Beat egg and sugar and salt together well.
    4. Add the jam and mix well.
    5. Mix the milk and baking soda together.
    6. Add flour and the milk mixture alternately to the egg mixture, beating well.
    7. Pour into the greased glass ovenproof dish.
    8. Cover the dish with a lid of foil.
    9. Bake for 40 minutes.
    10. Meanwhile, make the sauce.

 

Sauce

    1 cup milk (250 ml)
    1/2 cup water (125 ml)
    1 cup sugar (250 ml)
    4 oz. butter (125 g)
    1 t vanilla (optional) (5 ml)

 

Directions

    1. Place all ingredients together in a saucepan. (Use a large enough pan; say 2 quarts or 2 liters. Don’t walk away; it will boil over!)
    2. Stir until the sauce boils, to dissolve the sugar.
    3. Boil mixture for 5 minutes.
    4. Take the pudding out of the oven, uncover it, and stab it here and there with a knife.
    5. Slowly pour the boiled sauce over it.
    6. Return it to the oven, uncovered, for 15-20 minutes or until the pudding is brown.

You might serve the pudding with whipped cream, ice cream, or custard, but I think that’s overkill.

Cape Town's Table Mountain.
Cape Town’s Table Mountain.

Kitchen notes:

    •No cake flour? From 1 cup all purpose flour, subtract 2 T of it. Add 2 T corn starch.
    •Yes! you can use soy milk instead of dairy!
    •Placing a sheet of foil on the oven floor may save a nasty clean-up.

All text & photos © copyright 2008-present. All rights reserved. Bambi Vincent

The mosaic sidewalks of Portugal

Portuguese sidewalk artisan

I came across some calceteiros in the process of creating the gorgeous Portuguese mosaic sidewalks.

Portuguese sidewalk in progress

Portuguese mosaic sidewalk

In time, shoes polish the mosaics to a slippery shine.

Portuguese sidewalk

In Lisbon, a Carpet of Stone Beneath Their Feet is an excellent article on how calçada (patterned pavements) are made, the history of the mosaic pavements, and Escolas de Jardinagem e Calceteiros, a City school where this unique stone paving is taught. Highly recommended, if you enjoyed my little article.

All text & photos © copyright 2008-present. All rights reserved. Bambi Vincent

Skimmers and credit card fraud (more)

Credit card fraud: Would you notice if a skimmer were attached to an ATM?
Would you notice if a skimmer were attached to an ATM?

Skimmers, officially called magnetic card readers, capture the data on a card’s magnetic strip. Exactly what information is that?

Credit and debit cards have three “tracks” of data. Track 1 stores your name, account number and expiration date, and discretionary data to verify the PIN and security code. This information goes to the point of sale terminal, and allows your receipt to include your name and the last four digits of your account number.

Track 2 stores similar information coded and formatted specifically for the banking industry. This is the data that, from a merchant, goes to the bank via modem. Actually, it goes to an “acquirer,” a middle-man organization that authenticates the account data and guarantees payment to the merchant.

Track 3 was supposed to store biometrics, like a photo and thumbprint, but the banks decided it was too expensive to implement and do not use track 3 at all. It’s sometimes used on non-bank cards: airline cards, hotel and club memberships, etc. Track 3 is also writable.

Credit card fraud

Credit card fraud: ATM: sucks data, spits cash.
ATM: sucks data, spits cash.

Legitimate mag-strip readers are everywhere. Illegitimate ones, which I’ll refer to as skimmers, are, too. They may be stuck onto the faces of ATMs or gas pumps (possibly detectable). They may be attached to a merchant’s point-of-sale terminal (undetectable by customer, should be detectable by aware merchant). They have recently been found inside gas pumps (undetectable). Tiny, handheld models are used by waiters and others who swipe credit cards legitimately; they make an additional, criminal swipe through the portable skimmer.

Mag-strip readers are easily, legally purchased. The largest distributor is (no surprise) just outside Las Vegas. Bob met with the owner of the business, and bought a skimmer. The owner claims that his largest customers are schools and libraries, which buy in bulk in order to record attendance and keep track of books. I’ve heard from law enforcement that his biggest customer is the FBI, which buys skimmers, encodes them with trackable ID, and lets them fall into the wrong hands.

Our skimmer, pictured below, captures all three data tracks. Bob could have bought one half the size with twice the storage and a bluetooth interface for twice the price. The kind just pulled from the apron of a waiter at a high-end restaurant at Caesar’s Forum in Las Vegas—a restaurant frequented by a celebrity clientele (i.e. high-limit credit cards).

Whether obtained by an employee using a handheld skimmer, or one attached to stationary equipment, card data is gathered and stored, then collected by wired download or wireless transmission. Then what?

Someone called “afterlife” wrote:

Credit card theft is a growing problem but it does not happen the way most people envision it. It’s not the lone hacker who goes it alone to compromise one site and sell the credit card numbers to fraudsters.

These days it’s a network of carders who each have a specific role. Roman Vega of Boa Factory fame was known for having lawyers, botnet owners, hackers, traffickers, and pushers all on staff. These days the professional carder will knock over several merchants and store the information without using it for up to two years. Once they have amassed enough information they join the databases together forming a master datasheet on peoples lives.

Once they join databases with your credit card number and others with your e-mail address they can perform ‘spear phishing’ where they send you a targeted e-mail, with your credit card number, asking for your PIN number.

Credit card fraud: Portable magnetic card reader, aka skimmer.
Portable magnetic card reader, aka skimmer.

Credit card fraud is highly organized, en masse. Besides phishing and spear phishing, data is also written to new cards. These new cards can be blank stock, stolen cards (where sometimes the encoded data does not match what is printed—but who notices that?), gift cards, or shared-value cards. Mag-strip writers can be purchased as easily as mag-strip readers; and some models of readers just need a little extra software in order to write.

Everything one needs for credit card fraud can be learned or purchased on “carder sites.” Skimmer “dumps” are sold in lots, with payment made via Western Union. Here’s a typical “ad,” found among Afterlife’s blog comments (link above). This one’s about six months old:

The Best Dumps for a Good Price. Selling USA.
Hello dear friends. I’m a Memfis.
I have USA dumps, and some Asian.…¨I have a good price for it:
USA…¨20 USD CLASSIC, MASTER…¨25 USD VISA GOLD…¨30 USD VISA PLATINUM AND BUSINESS
ASIA…¨80 USD CLASSIC, MASTER…¨100 USD PLATINUM
I have my own base, good approval percent …“ about 90%…¨USA and Asia …“ 101 only. But I dont have EU bins.
USA …“ original track2.…¨Asia …“ both tracks are original, track1 and track2.
Payment is Western Union.…¨I’m sending order only after recieving payment, in 3-24 hours.…¨I have a replace pocily, but i should know what cards declined or holdcall in 24 hours, to replace it, in other time i wont replace.
For real buyers:…¨I can proove my quality, message me my ICQ.

Credit card fraud: Latest ATM skimmer, with measurement in centimeters.
Latest ATM skimmer, with measurement in centimeters.

Here’s a good thing: some of these gizmos hidden in gas pumps cause the pump to fail, so they’re found. But there’s bad news, too. Data from skimmers slyly hidden in gas pumps and other good places is often not used for three or four months. Why ruin a good thing if the skimmer is steadily transmitting account numbers and PINs? When credit card holders start reporting fraud, the common merchant on the victims’ accounts will be investigated and the device will be pulled. Has your card already been skimmed? Has mine?
© Copyright 2008-2013 Bambi Vincent. All rights reserved.

Read our summary page of pickpockets, thieves, scammers, and skimmers.

High-tech identity theft today

LVMPD Detective Kim Thomas
LVMPD Detective Kim Thomas

…¢ Identity theft is now the number one crime in the world.
…¢ Las Vegas is number one in the U.S. for ID theft; even though it’s estimated that only 20% of the crimes are reported.
…¢ The FBI estimates that seven out of every ten stolen dollars end up in Las Vegas. There’s more money in Vegas than most places. Hence Vegas’s place at the top of the ID theft heap.

These wispy facts were spit out by Las Vegas Metro Police Department Forgery Detail’s Detective Kim Thomas at the start of his recent identity theft presentation. Then he got to the scary stuff.

I recently wrote about “profiles,” the findable bits of personal information about an individual. A utility bill constitutes a profile, though not as good of one as a loan application. Envelopes, receipts, statements, are others.

Detective Thomas emphasized the importance of shredding all documents before discarding them. Then he pointed out how something as simple as a discarded box can trigger both a burglary and ID theft. He gave the example of a resident getting a new plasma tv. A trawling thief spots the box at the curb on trash day. He watches the house and notes when it’s unoccupied. Then he steals a truck, kicks in the front door (that’s how they break in nowadays, Det. Thomas explained; no finesse involved), grabs the tv—and the pile of bills in the kitchen at the same time. “Even a box has value to someone,” he said. “Cut it up.”

We can shred.

We can break down our discarded boxes, or take them to dumpsters.

We cannot control how businesses store and discard our data. (My own little example: I went to a health clinic where patients are given forms on clipboards to fill out and return to the desk. When I returned to the unattended desk with my completed forms, I stood staring at other patients’ medical histories and Social Security numbers on the clipboards they’d left on the desk as instructed.)

Credit card data skimmer: the size of a Bic lighter.
Credit card data skimmer: the size of a Bic lighter.

But here’s the big thing now: skimmers. Wait! You think you know, but I’m about to describe the very latest in skimmers; not the deck-of-cards-sized box in a waitress’s apron, not the big old multi-part plastic set-ups of yesterday stuck onto ATMs. If you’re not sure exactly what a skimmer is, read the three little paragraphs of my previous post. In the old days (not very long ago), waiters and store clerks were given skimmers to swipe credit cards through and they were paid for the data they collected. But a waiter might talk if caught. A store clerk will be watched if suspected, leading police to the skim-master. And how many cards can they skim in a day, anyway?

Skimmer with keypad taken off ATM.
Skimmer with keypad taken off ATM.

Old news: nowadays, skimmers are attached to the fronts of ATMs and gas pumps. Yeah, we know. But you probably don’t know how impressive the latest version is. It’s tiny: 3.5 inches long, by a half inch by a quarter inch. It’s almost impossible to detect. It contains batteries charged by an induction plate and stores data on a camera memory card. It attaches to a thin number pad overlay to capture PINs, and as a secondary method, also has a motion-activated video camera (jury-rigged from a high-end mobile phone) which is time-tagged to match up with the right credit card info. It has a bluetooth transmitter that allows remote, anonymous downloads, which means the skim-master doesn’t have to go near the scene of the crime, once the thing is installed.

About 40 of these tiny self-contained data-collectors have been recovered in Las Vegas in the past month. Probably more by now. Certainly more still out there, too.

Where do you get your gas?

Skimmer (somewhere) inside a gas pump.
Skimmer (somewhere) inside a gas pump.

Yes, they’re still stuck onto the fronts of ATMs. But they’re also put inside gas pumps. How do you open a gas pump? Use the same key that opens an RV storage locker, five bucks online. LVMPD found that one of these skimmers can be installed in eight minutes flat. Which, they figure, means the skim-master can probably do it in seven.

Edited 3/15/10 to add: Detective Kim Thomas explains how skimmers are hidden inside gas pumps in about 11 seconds. Yes, 11 seconds!

Yes, there’s more to tell.
© Copyright 2008-2009 Bambi Vincent. All rights reserved.

Traveling with luggage

Halliburton

Halliburton
Halliburton aluminum luggage. Goes anywhere.

I’m sure it sounds obsessive to mention the necessity of onboard watchfulness when you fly. The likelihood of theft while on an aircraft is low, granted; but it’s unpredictable, and that’s the problem. If you’re carrying valuables, say cash, jewelry, even credit cards, you may as well continue with your precautions. The risks are to the carry-on items you can’t see: those in the overhead compartment can be ransacked practically under your nose—or above your nose. Those under the seat in front of you are vulnerable if you sleep or leave them while you get up. [Read Kayla’s experience, below.] I want to stress that these are low-probability scenarios, especially if you’re not traveling alone. Your degree of precaution must harmonize with your comfort level and the value of the items you carry.

Sadly, suitcases are occasionally compromised while in the airlines’ possession. The odd unscrupulous employee needs only the moment of opportunity. It’s well-known that most luggage locks are next to useless. Keys are generic, and even combination locks have certain pressure points which free latches.

Halliburton

Bob and I believe in hard-sided luggage. The ones we use are aluminum, made by Zero Halliburton. They’re not for everyone, being both heavy and expensive. But when our bags were forced with a crowbar or other tool somewhere on the nether tarmac of the Miami airport, the locks and hinges held tight. Shiny scars in the seam, as if gnawed by a metal-eating mouse, were the only evidence of serious tampering.

Halliburton
Who’s throwing your luggage around?

As we watch our silvery Halliburtons trundle off toward baggage handlers in Lusaka, in Santiago, in Mexico City, filled with sound and video equipment or perhaps with our favorite shoes from Florence, we’re eternally grateful for and confident in their sturdy locking mechanisms. Even more so after trying desperately and failing to break into our own locked suitcase when it jammed once in London.

Of course bags like these do call attention to themselves and an argument can be made for using inexpensive luggage. One world-traveling couple we met swore by the cheap stuff. After repeated thefts from their Louis Vuitton cases at Heathrow airport, they resorted to department store brands, buying new bags every year or so. A small price to pay, they say, given the cost of their trip and value of their belongings. That’s their argument, but I don’t buy it. I say buy the best bags you can find and afford and use their locks [whenever possible].

Excerpt from Travel Advisory: How to Avoid Thefts, Cons, and Street Scams
Chapter Three (part-e): Getting There—With all your Marbles

Theft on a plane

“Kayla,” a 15-year-old girl, told me how her wallet was stolen on a cross-country flight. Her mother and sister supported Kayla’s story. The thief was a 35ish woman sitting next to her. In the middle of the flight, the woman bent down and pretended to be digging in her purse. But Kayla felt something and looked, and could see that the woman was digging in her (Kayla’s) purse. Kayla said she was too scared to say anything. The woman got up and went to the bathroom. Kayla checked her purse and found that her wallet was gone. She told her mother. Then she and her mother told a flight attendant. The flight attendant found the wallet in the bathroom, missing only Kayla’s cash. Kayla was still too afraid to say anything to the thief. When the plane landed, the woman just left.
© Copyright 2008-2009 Bambi Vincent. All rights reserved.

Skimmers for credit card fraud

credit cards

A little background, as reference for my next post:

A skimmer is a battery-operated device smaller than a deck of cards with a slot for swiping credit cards. It reads and stores data embedded in the magnetic strip on the back of the card. Restaurant waiters are the typical recruit, given the contraption and requested to swipe each credit card as they take customers’ payments. At the end of the shift, the data collector shows up with a computer and downloads the skimmer’s memory, which might hold the information from a hundred or more cards.

This is effective data collection; and the waiters—for the data collector solicits many of them—may not even understand the purpose of the exercise for which they receive a nice little tax-free chunk of change. Restaurant and service station employees are reportedly earning over $100 for each credit card they skim.

Meanwhile, the customer has no way of knowing that his credit card has been skimmed. Some privacy advocates and security experts recommend that you never let your credit card out of your sight. I find this advice impractical to the point of impossible, but it’s a question of compromise: convenience in exchange for risk. Each of us must decide where to live along that scale. While I might hand my credit card over to a waiter for processing, you might decide to follow him to the charge machine and supervise the transaction.

Excerpt from Travel Advisory: How to Avoid Thefts, Cons, and Street Scams
Chapter Nine: You’ve Got a Criminal Clone

…¢ …¢Â …¢Â Yeah. That was then. Wait ’til you read about now!

ID theft buffet

shredder teeth

A former mortgage broker put 40 boxes of customers’ personal information into a Las Vegas dumpster. It was December 2006, but we all knew enough about identity theft already to know better. The Fair and Accurate Credit Transactions Act of 2003, effective in 2005, requires the proper disposal of consumer report information and records, as does state law.

The boxes were found and put into safekeeping, probably before any documents were stolen from them. The Las Vegas Sun reported that the boxes contained “tax returns, mortgage applications, bank statements, photocopies of credit cards and drivers’ licenses, at least 230 consumer reports, and other documents containing sensitive consumer information.” Only now is the Federal Trade Commission charging former mortgage broker Gregory Navone with violating the Act.

shred

Five gone-bust mortgage brokers dumped documents at around the same time—five that we know of. We can assume that many others dumped docs too, or deserted their premises complete with documents, which were left for the bad guys to find. No wonder Las Vegas is at the forefront of fraud and identity theft.

Bob and I recently spent many hours with a tweeker (meth-addict) during one of her clean and coherent spells. I’ll call her Kristin, because I can’t use her beautiful, real name. The time was just between her release from jail and her next bust. She had a job, her family had taken her back in and were supportive, and she was poring over a university catalog. She was full of hope and determination.

But the boyfriend…. Still in prison, a meth-cooker and ID thief, due out soon, demanding daily phone calls to keep his girl tied to the old life…

Right. He got out and Kristin disappeared. Back into the cycle of drugs and ID theft. We could have cried for her, this pretty 21-year-old. She was smart, but not strong enough to resist the lure of meth and easy money.

When she was high, she told us, she knew she’d never be caught; she was too clever. She knew she was going to get caught; she was always looking over her shoulder. Confident and paranoid.

In those hours we spent with Kristin, she told us how she used to “get profiles.” A profile is information about a person. It doesn’t have to be much because with a little goes a long way. With a little, you can find the rest.

Her favorite way to get profiles was out of dumpsters located behind businesses. She’d also get quick-credit apps from insiders in casino booths, who’d allow her to take a few off the top on the way to the shredder. Car registrations were good, too, easily found in glove compartments.

With the profiles, she created IDs. First simple ones, just good enough to allow her to purchase the special inks and papers needed to print government IDs. She had the precious printer, but supplies for it are regulated. For Kristin, easy to get around with a simple fake ID, a sweet smile.

With her newly minted IDs and profiles (for herself and her pals), Kristin and her team leased cars. Cadillac SUVs, to be specific, whatever they’re called. They always drove the latest models. They had an endless source of identities, cash, and credit.

They lived in motels, where they set up their mobile meth labs. Kristin, just the clean-up girl in the operation, got too close to the fumes once and got chemical burns on her face, neck, chest, hands, and arms. She was scabbed over for a year. She pointed out the scars, and the thick makeup she wore on her face to minimize them.

In a moment of desperation, Kristin once grabbed the profile of a wealthy family friend from her father’s home office. Tears trickled down her cheeks as she told us how she destroyed the man’s credit—and her father. Because he knew. She was ashamed of herself; mortified. Now she recognized that she was out of jail on an incredibly lucky break. She was going to study to become an architect. She was going to return to ballet.

Kristin’s back at it again, getting profiles, getting cash and credit on other people’s good histories, wreaking havoc. She and how many others?

Many people tell us they’re afraid to shop and bank online. But these activities are not a big factor in identity theft. The real threat is out of our hands. It’s how others keep our information. Big businesses with databases. Small businesses with manila folders. Mom & pops with a property to rent and an old box of rental apps (as I recently found in my garage—and shredded).

One man’s garbage is another’s fortune. Kristin and her friends are ready to exploit that old, forgotten information.

But there’s worse. Much worse. I’ll write about that soon.

© Copyright 2008-2009 Bambi Vincent. All rights reserved.