"Change of Address" Forms are Simple Way to Steal Mail, Personal Information New Legislation Requires Signed Confirmation of "Change of Address"
New York City – Changing one's address is a process that millions of Americans do every year at their neighborhood Post Office, but it's also a simple way for criminals to steal personal and financial information, according to State Senator Jeffrey Klein (D- Bronx and Westchester) Deputy Democratic Leader of the New York State Senate, Representative Anthony D. Weiner (D – Brooklyn and Queens), City Council Member Peter Vallone Jr. (D- Queens), and a member of the House Judiciary Committee, said.
“For too long, Post Office “Change of Address” forms have been used to help hijack consumers' identities without their knowledge. Consumers deserve a meaningful opportunity to confirm their intentions and detect any wrongdoing,” said Senator Klein who has sponsored state legislation requiring consumers to be notified whenever the security of their stored personal information is compromised.
Weiner, Vallone, and Klein released a series of cases where criminals used a loophole in the "Change of Address" (COA) process to access bank accounts, credit cards, and social security numbers of unknowing victims.
The major loophole in the COA process is that while United States Postal Service (USPS) sends a confirmation letter to the individual at the original and new address, they do not require the original addressee to return the signed confirmation letter before rerouting the mail. If the USPS' confirmation letter is thrown out, misplaced, or simply ignored, USPS changes the address.
While USPS does not specifically track COA identity theft, 166,000 Americans had their identities stolen through mail fraud out of the total of 8.3 million Americans who had their identities stolen in 2005.
Among the cases of COA identity theft are:
§ A Bronx resident filed COA forms to steal the social security number and $3,500 from an Astoria woman. When Post Office notified the Astoria woman that her address had been changed, she explained that it was wrong. The Post Office didn't change it for 20 days.
§ An Illinois man filed COA forms for people who had recently died, stole their financial information, and added himself as a secondary user to their credit card accounts, taking out a $5,000 cash advance. (State Journal-Register, 2/22/07)
§ A North Carolina woman filed a COA form for her deceased uncle and was able to access his financial information and make a series of purchases. Reports did not include how much was stolen. (Charlotte Observer, 8/29/07)
§ An ex-convict in Chicago used a COA form to buy nearly $550 in jewelry and clothes, rent a car, and purchase nine cell phones under the name of a Florida Assistant U.S. Attorney. The ex-convict was finally arrested at a Neiman Marcus with the U.S. Attorney's credit card. (Chicago Tribune, 9/20/06)
Rep. Weiner announced common sense legislation that will require the USPS to receive a signed confirmation from the original addressee before initiating a COA submission.
Rep. Weiner said, “The postal service is ignoring the security system they have in place to protect people's identity. It's time we seal shut this open door to identity theft.”
“No matter how careful you are to protect your identity, your mail is where you are most vulnerable,” Vallone, who brought attention to this loophole when a constituent of his had her identity stolen, said. “In a high tech age, the Post Office is failing to protect against the simplest of low tech scams.”
Senator Klein has been an aggressive advocate for victims of identity theft, and contacted with Weiner and Vallone Jr. after a constituent reached out to him regarding security at the USPS. As a result, Klein will be introducing a resolution in the State Senate in support of the Congressman's legislation.