Jun 18, 2013

It's Time To Stop Allowing Any New Online Accounts

     From the Braintree  Patriot Ledger:
When the form letter from Social Security arrived, Lillian Broide almost didn’t give it a close reading. She has been receiving lots of official forms and letters lately, after going through several hospital stays and rehab programs.
“I did open it and found out there is a fraud going on that is tagging seniors,” Broide said when she called recently.
The letter on May 22 was confirming that she had recently opened an online Social Security account. It said she did not have to do anything unless this was not correct and told her to contact Social Security immediately if she had not in fact opened an online account.
“I had never gone online with my Social Security,” she said. She called right away and was shocked to discover that someone had opened an online account using her Social Security number. A few days later, she also found out someone had changed the bank account where her monthly Social Security check was to be deposited.
     What is it going to take to wake up Social Security management? This sort of fraud is exploding. It's irresponsible to allow this to continue. Stop allowing new online accounts until there's a fix! What are you waiting for?


Anonymous said...

Having opened an online account for a client, I will tell you that the security questions are very personal (e.g., at what merchant did you most recently use your Capitol One Visa card?). They are the same questions that are used to verify identity on the free annual credit report website, and many people make mistakes on the correct answers to the questions even when it is the person to whom the SSN applies.
So I have to believe this was an anomaly. I could see a very close family member knowing the answers, but a Russian identity thief? Not really.

Anonymous said...

Agreed with 9:56

The questions are very personal when they had our office employee sign up, a few couldn't pass the questions and were locked out. The questions also differ for each person, so it's not a set deal. Something bigger is going in here.

Also, it seems the rate of fraud with the online system is no higher than that of disability fraud. BTW, bank accounts were being high jacked long before this new online system, but maybe nobody cared about that either.

Anonymous said...

As poster above notes, there is a distinction between direct deposit fraud (which is an ongoing and pervasive problem) and the ability to establish an online Social Security account. The former problem has nothing to do with the latter. Only a very stupid identity thief would attempt to change direct deposit via establishing a fraudulent online Social Security account. It's too easy to just set up an online bank account, and have the financial institution do the change electronically. Setting up an online Social Security account is superfluous to the issue.

Anonymous said...

If people do not want to access internet services, they can call and have all internet access blocked on their ssn thereby opting out of the program. The other option is they could go online and establish a account with their own password and just never use it. The only danger is in not doing anything.

Anonymous said...

An easy fix is to have all social security online accounts default to " blocked". Only an in person visit to an office with proper I'd to "unblock" it. Clearly this is too difficult to implement or it would have been done by now.

I do have experience in investigating what happened to one these hijacked accounts. Albeit informally. Client brought in the letter. I searched the activity through the RCS program. The activity is time stamped. It went something like this
8:41. Account blocked (three strikes)
8:44 Account unblocked (claims representative, Jane doe, piqua, OH)
8:47 Account blocked (three strikes)
8:49 Account unblocked ( claims representative John Doe, Boise, ID)
8:52 Account created
8:54 Direct deposit change

What concerned me is that the unblocking occurred so quickly after the blocking. This means the claims reps were erroneously unblocking accounts over the phone rather than in person.

As for the ID questions, all my questions could have answered correctly if they were looking at my credit report.

This will all stay hush hush, because as soon as management concedes there is a problem, Internet for post entitlement issues will go down the drain permanently.

Anonymous said...

10:48 is exactly right, according to policy unblocking is supposed to be done face to face with ID. The fact that the account in that scenario was unblocked twice seems to indicate SSA employees did not follow proper procedure.