![\"user-pic\"](\"/css/images/default.gif\")
Lower level STORE branded cards usually come already activated simply because there isn't a call center in the world that could handle the amount of activation cards it would receive. You generally have to provide proper ID at the store the next time you use it.
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-92154-100x100.png\")
The security on credit card usage is already so low without them pulling this shit...
When PC Guy says he opted out at the DMA website I had to Google what that meant. It's the Direct Marketing Association (obviously) and you can use their Mail Preference Service...as long as you confirm your address by giving them your credit card number to \"validate your identity\"!
No thanks. I don't care if they are an association; I'm not giving direct marketers any more ways to get at me.
Last fall, Citibank called me to find out if I had received a replacement card, because it hadn't been activated yet. (It was sitting in my \"things to take care of\" pile.) They left a recording on my cell phone that said that they had recently sent me a card that had not been activated, and that if I had not received the card, I should contact them using the phone number on my old card or statement.
Tangent: A few years ago, their fraud department called me at home one day because my card was being used heavily in an unusual manner. My husband explained that I was out shopping, replacing items that had been stolen during a recent burglary. Citibank was unconvinced and flagged my account so that at the next purchase, the clerk was instructed to call Citibank. They told him to check my ID (including \"does it look like her\") and then put me on. I explained about the robbery, and they lifted the hold on my account.
First-line customer service might be hit-or-miss at times (though I usually have excellent luck on the rare occasions that I call), but their fraud department seems to be on top of things.
And from the picture I thought this was gonna be Paypal, once again, screwing their customers on the debit program...
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-146045-100x100.png\")
This is so unbelievably fucked up. I do everything this guy does to protect myself from identity theft and basically it's all wasted effort due to the credit card companies'carelessness.
Nothing will change until they are sued, fined and/or legislated into stopping these bullshit practices that put consumers at risk.
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-21984-100x100.png\")
@RhymePhile: Back in 2001 I signed everyone's email I could find on the DMA's website up for the spammiest offers on the 'net. A couple of years later they came out against spam.
That said, it seems like this guy has his stuff id protect together yet it still failed. Nice to hear about the \"lifelock\" issue too...
![\"user-pic\"](\"/mt-static/support/assets_c/userpics/userpic-6536-100x100.png\")
When questioned, Washington Mutual said they allow for small purchases to be made on non-activated cards as a courtesy to their customers.
How does that even make sense?
CHASE & WAMU = FAIL
We regularly get mail for someone who lives at our address, but East (we're West). Both mail carrier errors (when the letters actually do have the correct zip code - don't they even look?), and some of this person's mail with our address actually on it. Including, a couple of years ago, his replacement credit card.
I cut it up and called the credit card company and let them know they had the wrong address for this person. They thanked me and then sent a replacement card - to my address! This time I called the real recipient and let him know what was going on. He must have fixed something, as we never got another card in the mail, but that credit card company is still sending a bunch of his correspondence our way, including recently a letter with his PIN on it!
Very lucky for this person that we are not identity thieves.
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-328859-100x100.png\")
So why aren't credit cards required to be sent registered mail or anything like that?
![\"user-pic\"](\"/mt-static/support/assets_c/userpics/userpic-93308-100x100.png\")
@moore850: Because the credit card companies would spend millions of dollars lobbying to stop any law like that, because it would cost them more to mail, and take away their ability to blame the USPS when things go wrong.
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-1196-100x100.png\")
That's great...I always knew that the stupid credit card activation phone call was a thinly veiled scam to get you on the phone to sell subscription services.
@missjulied: I was getting statements and balance transfer checks for a previous resident. (Same CC company as one of mine, so I recognized the envelopes.)
I hate balance transfer checks with a passion. Oh, wait, they are \"convenience checks\" now. Whatever, I despise them and hate having to shred them. Every so often, I call and ask all my CC companies to stop with the checks, and they do for a while. You'd think after so many years of my not using them, they'd stop sending them.
This is why we pay for a PO Box at the post office. Our \"billing\" address is there, so they send all of our bills, and those annoying checks there, as well as the replacement cards.
Its 'safer' than the normal postal mail for several reasons. One of which is you have to have a key to access it, so only specific people can open your box.
We do this because my older brother's mail got stolen while there was those checks in it, and the thief used the checks to charge over $5000 onto his account. My brother was liable for $50, which sucked, but its better than the $5000.
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-224192-100x100.png\")
I hate it when the credit card company calls me. I probably would not give out any personal information over the phone to someone who called me, either. But mine doesn't call me with \"unavailable\" showing on the caller ID...it shows a number, instead. I can quickly Google this number to get at least some reassurance. The CSR's always act like I'm acting weird and paranoid when I tell them I need to verify their identity before I give them any information.
@missjulied: Why do you keep opening someone else's mail??? I still get mail from the previous owner of my house even thought its been 7 months, however I never open them and write return to sender on everything. It's illegal to open someone else's mail
Last month I received a new Discover card because my old one had expired. I don't use the card and have no balance on it. It came with the same \"call to activate\" warning and everything. As I never use it, I haven't called.
Yesterday I received in the mail from Discover a very important looking 'pull-tab' letter. Upon opening it, in large bold letters, it says \"IMMEDIATE RESPONSE REQUESTED\" and in smaller print says, \"We recently sent you a new Discover Card to replace the one that expired, and we've noticed it hasn't been activated or used for any purchases. (emphasis mine) Please call us at 1-800..... as soon as possible to confirm you've received your card.
So right there they say that the card doesn't have to be activated to be used. What a bunch of crap. They're just trying to make sure I have the card, I know, but if the \"call to activate\" really worked, then they shouldn't need to make sure I get the card.
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-158781-100x100.png\")
I've actually been concerned about this type of phishing. Unlike the interlog, there's no way to verify who's calling you is indeed from your bank.
I wonder if there is a way to set up something similar to a site key to make sure that the bank can verify itself.
\"When was your company founded?\"
\"What is my current interest rate?\"
\"How much could a woodchuck chuck if my credit limit was $6000?\"
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-6173-100x100.png\")
Dude, I just had a charge appear on an \"unactivated\" card too! I was calling to report the fraud this a.m.!
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-76955-100x100.png\")
This totally sucks, this guy is doing everything right and still getting screwed by the cc companies. The only solution is to not have any credit cards (I had to throw that out since everytime there is a post about debit card issues the solution is to only use credit cards). But seriously, WTF.
@smythe: I don't necessarily look at the address on every piece of mail before opening it, do you? It's not like I'm getting someone else's mail every day.
@smythe: I was wondering that too. How would you even know a mailing contained a PIN number unless you opened it?
identity theft FTW!!!
my neighbors (well people that live in my apartment building) keep stealing my packages even when i tell USPS to stop leaving them at my door and have me pick them up at the station. As soon as the tracking number says \"delivered\" the USPS says there is nothing they can do (unless the shipper pays for insurance, which many do not offer)
any ideas that you guys can help me with?!
Mail carrier errors NEED to be reported to the local postmaster SOONEST so that they can remedy the problems.
They have a complaint form for issues like this that you can fill out and drop in the mail slot.
I had a card that came in tardy, after I had received a confirmation letter. I pulled the trigger on it too fast and got that card number killed, before I was supposed to go on a trip. Even with expedited handling, it still took a week to get a new card out of them. The hassle of going through all my services to redo the card number on them!
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-25844-100x100.png\")
@sohmc: If I understand SecureID correctly, both parties can decode a token pin at the same time as long as the other authenticating factors are in place. So those banks that offer SecureID secondary authentication tokens could implement this. Again, if I understand correctly, it would go like this:
Bank Fraud Dept: Sir, this is XXX bank with a fraud alert, please confirm your SecureID PIN
You: Pin XXXX
Bank: Thank you, your current SecureID Token # is XXXXXX.
You [confirm Token number on your SecureID FOB]: OK, you are Bank XXX fraud department, what's up?
This is basically \"reverse verification\", instead of you using your PIN and Token to verify, you give your PIN and they use it to give you your current sixty second token number, which you can rely upon to verify their identity. Again, I've heard this is possible, but I'm not an expert.
The only problem there lies in the fact that for the remaining 60 seconds or so, the clerk who just called you has your current PIN and Token ID, because you've just confirmed both to him/her. Not sure how to deal with that.
Also, of course, there are other secondary authentication schemes out there, I'm not in any way endorsing RSA.
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-184148-100x100.png\")
@Syrenia: I recently did some credit card juggling and then paid off a Discover card so I could use it to buy a bunch of new stuff for our new house (cashback woo!). I hadn't even made it to the second store before Discover called my house and my cell phone to make sure I was authorizing the activity. None of my previous CC/banks have even done that and it was a nice introduction to their company.
Actually, I've used my BOA credit card unactivated in the past. They sent me a new one because the old one was stolen. Ironic.
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-23176-100x100.png\")
What gets me about credit cards sent in the mail is that the mailings aren't padded as to disguise the credit card inside. Bad enough just about everyone knows credit cards mainly ship from Wilmington, DE, but at least go the extra mile and hide the card.
Back to the story, it's scary that card issuers routinely allow non swipe credit card transactions on unactivated accounts. It takes but a minute (including declining any offers while you *wait* for the card to be activated) to call the tool free number in order to get your account verified.
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-17012-100x100.png\")
You can open and keep anything that comes to your house.
I'm not a lawyer, but for the record, I wouldn't be so sure about that. The mail tampering statute (18 U.S.C. ยง 1702) refers specifically to delivery to a person, not an address.
\"Whoever takes any letter, postal card, or package out of any post office or any authorized depository for mail matter, or from any letter or mail carrier, or which has been in any post office or authorized depository, or in the custody of any letter or mail carrier, before it has been delivered to the person to whom it was directed, with design to obstruct the correspondence, or to pry into the business or secrets of another, or opens, secretes, embezzles, or destroys the same, shall be fined under this title or imprisoned not more than five years, or both\"
I feel for this person. I have been the victim for over 4 years of ID theft from some unknown ahole and no company will ever help me track them down. I subpoened crapital one in federal court and they refused to provide the information and then told my attorney they no longer had it even though I had them on tape telling me they had this information. I have sued multiple companies for non permissible credit pulls in the hopes I would get their attention but they just send me a 1k check and then refuse to provide the ip address or any other information on the crook. However, they then turn around and whine to the government about all the unchecked ID check.
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-298363-100x100.png\")
Not to mention, the call-to-activate process itself is always a sham. You call to activate your new card, and it takes several minutes because the banks like to use that opportunity to upsell you on BS services like credit protection and whatnot.
I get so angry listening to sales pitches just to activate my card, all under the guise of card security.
Then to find out, it's all a sham anyway.
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-4856-100x100.png\")
I don't know why those stickers always say \"you must call from your home phone\". I never call from my \"home phone\" and it's never a problem.
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-107600-100x100.png\")
@humphrmi: I don't believe what you are suggesting is possible. You wouldn't want some other person to be able to generate the user's token because then, that person can impersonate them. This would be the absolute worst thing to provide to a call center person! I would simply collect people's PINs over a period of time as they called, then drain all their accounts when I wanted.
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-16563-100x100.png\")
Credit cards should be, by law, totally liable - with no action whatsoever on the part of the cardholder, or penalty to the conned store - for any fraudulent activity on \"unactivated\" cards. If there's no law, there should be.
This is obscene.
Oh, and Chase: change your anti-fraud calls: you sound like a phisher.
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-147908-100x100.png\")
@Landru: You can open and keep anything that comes to your house
No, you definitely can't. You can keep anything that comes addressed to you, but not things that come addressed to someone else. You can't open and keep your roommates' mail, nor can you open and keep someone else's mail that was accidentally delivered to your address.
My local post office told me the proper action when you get misaddressed mail was to cross out any of the bar-code-like stamps the USPS puts on things, write \"Not at this address\" on it, and drop it in any mailbox.
Call-to-activate must be a program run by marketing, not by the fraud prevention department.
@satoru: What you are saying seem to be not that it is not possible, but that it is not safe. Probably true, you have to weigh the risk of the CSR having this Vs. the risk of not being able to verify the CSR is with the company. Both are big problems.
Also, I agree with PC Guy about LifeLock not being all that great. I currently have LifeLock and, true to their word, they have placed \"fraud alerts\" on my credit reports. A \"fraud alert\" is supposed to be used by victims of identity theft (which I am not). According to a letter I received from one of the credit bureaus a fraud alert indicates that when extending credit to me the lender is supposed to follow \"more stringent procedures\" to verify my identity.
The problem is that these procedures have never been described and I'm not entirely sure that lenders are *required* to follow them. The amount of protection they provide is dubious (it certainly explains how somebody was able to secure a small loan using LifeLock's CEOs publicly available SSN).
The other type of credit report protection -- a report \"lock\" -- means that, in theory, nobody can access my credit report until I call the credit bureau and \"unlock\" my report. I believe it costs something like $10 to lock and unlock a report. If LifeLock offered to deal with the credit bureaus and lock/unlock my reports on my behalf it would be totally worth the $9.95/month, but as it stands I may cancel it and just put locks on my reports.
interesting story. this just proves the point that paying for credit monitoring, FICO updates, etc. is not only a waste of time and money but it also gives you a false sense of security.
would you like a 3 ft. thick concrete bunker to keep your credit cards? i promise it will help prevent identity theft. now gimme your money.
@K-Bo: What I do instead is simply hang up on them when they claim to be from the credit card company and then call back through the phone number that's actually on my card. A bit of a pain, but at least then I know that I'm talking to the right person. Now if only companies would figure out that they shouldn't use outgoing phone calls for this purpose and/or should some means of authentication.
@johnva: This is a way that those of us who care enough about this kind of stuff would think of to get around the problem, but I don't see it ever becoming standard procedure for the credit card company to call up and say call us back so you know it is us, so only those of us who think about these things benefit from it.
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-1833-100x100.png\")
@SuperJdynamite: A few years ago I called to activate a card from my work phone, and the system told me that the activation wouldn't go through until I called from the right number. I haven't tried it since, so maybe they've gotten lax. Or maybe it was just that issuer who did it right.
I once had a FedEx overnight envelope show up, with my address but somebody else's name. (Not the previous tenant's name, either.) FedEx refused to return the address to the sender. A phone number I got by googling the sender's name and address sent me to phone tree hell. Finally I just opened it and shredded the contents -- I wasn't sending that cardboard envelope through my shredder!
I always wondered if the sender and recipient got that straightened out.
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-69858-100x100.png\")
@Troy F.: They tried to upsell me twice (with a barely comprehensible Indian accent too) the last time I activated a card. Why exactly can't I do it online?
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-257705-100x100.png\")
Once I was approved for a credit card, but never received it after a few weeks. I called and alerted the company and sent out a new one, they have no clue what happened to the one they sent out previously, but said it was definitely mailed. Luckily it was never used and the closed it, I was so mad though.
On another not, I feel like there's all sorts of potential problems with the \"checks\" that credit cards send about twice a month to try to get you using them. What if these get misplaced in the mail and they just start racking up charges? Is there any way to opt out of these ridiculous things?
Also, my typing is terrible today
I keep getting DirecTV bills from an address that doesn't exist -- it should be on my block but isn't. I tried to return the bills to the house next to me which logically would be the right one, but since it's on the corner its address is that of the cross street and the guy there said he had no idea who the subscriber was.
With no other clue what to do with the bills I just recycle them since \"not at this address\" wouldn't help -- they're just putting them in my mail box because they apparently think I must have asked for them -- my real mailing address is just one digit off from the one on the bills.
Any suggestions?
@crabbyman6: Yes, although it varies by card -- register for and log into online management of that card and look around for an option to opt out of \"convenience checks\". If you can't find it, write to customer support and ask.
@K-Bo: I don't see why that couldn't become the standard behavior. They could just have an automatic dialing machine call and tell you that \"xxx Fraud Department\" needs to discuss an important matter with you and that you should call the number on the back of your card. This seems like the only secure solution if they aren't going to go with some sort of two-way authentication procedure. Might be more inconvenient for them, but I could see them doing it if phone phishing becomes a prevalent enough problem.
@crabbyman6: I opted out of every option of paper mail they would let me, now I only get them about 2-3 times a year. Shouldn't get them at all if I'm not signed up for paper, but hey 2-3 a year is better than 2-3 a month.
@Trai_Dep: They are. You aren't liable for any charges that were incurred because of failed security.
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-1838-100x100.png\")
It's true. i used a new card the other day without calling to \"activate\" it. They like to use the phone time to try to sell you other stuff.
@missjulied: how do you know he had recieved a letter with pin information without opening his mail? that is very wrong and how are we to believe that you haven't stolen his idenity if you are willing to break the law by opening mail that doesn't belong to you.
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-108858-100x100.png\")
This is so fake. Someone wrote this for his freshman creative writing \"discover dialogue\" assignment.
This just happened to me yesterday. I was mailed a new credit card from BANK OF AMERICA I'm guessing because it was a few months away from expiring. There was no activation required or anything. I was shocked. Thank god I checked my mail soon after it was delivered.
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-22828-100x100.png\")
Credit card fraud? Yes.
Identity theft? No.
For it to be ID theft, someone would have had to have opened up new accounts and/or loans in his name, or otherwise abused his contact info.
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-98787-100x100.png\")
BOA sent my replacement card already activated to my house...the replacement card they were sending me because they had to close the prior account due to fraudulent use. They even sent two of the cards in the mail, the rushed one and the standard shipping one.
@Jeff the Riffer: Did you RTA?
\"Without missing a beat, that person managed to use the card on the Internet for a small purchase at [redacted--internet site] presumably to see if it works, and then proceeded to use the card to pay for a background check on me at two data brokers.\"
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-159466-100x100.png\")
From the article, it appears that through some sort of spying, skiptracing, or other subversive technique, the OP was able to get the address of the dude who tried to steal his money and then attempt ID theft.
Question: When do we get to hear the story about him going to the person's house and shoving his foot up their ass?
I've always wanted to catch someone trying to steal large amounts of items or money from me just so I could fuck them up beyond repair. Or, maybe make their lives really miserable by fucking with them relentlessly, and THEN kicking the crap out of them. I have dreams, hours long (well, in dream land), of me destroying the lives faces, and bodies of the people who broke into my car and stole all of my cds and stereo equipment. I really envy the OP for the chance that he has. Hopefully, we get to hear a follow-up!
![\"user-pic\"](\"/mt-static/support/assets_c/userpics/userpic-79750-100x100.png\")
That is scary. Personally, when I get a new credit card it comes through registered mail and I have to sign for it at the post office after showing ID. Is that just a Canadian thing? Either way, I'm thankful.
The DMA is a very legitimate organization. They were the only non-antispam/ISP group at the FTC Spam Hearings years ago that supported extremely strict legislation against spam, since they recognize that bombarding people with crap they don't want simply reduces the number of responses over time.
Yes, they're somewhat responsible for the deluge of junk mail you get every week - but they also have respectable guidelines which they encourage all of their members to follow, including opt-in practices.
I had a similar experience with Chase switching me from Visa to Mastercard about 7 years ago. But they didn't call me, I found out as I signed in at their website when it instructed me to call them immediately. I called and learned that the Mastercard which I knew was coming (they had sent a letter a month earlier to inform me) was pre-pwned and someone tried to buy $500 of stuff at Neiman Marcus. Chase had denied the transaction and shut down my account. They sent me a second Mastercard. Eventually both cards arrived in the mail, and neither envelope showed signs of tampering, so it's a complete mystery how someone got the card number.
As the nice person on the phone reviewed the past two weeks of purchases with me, it was disconcerting how Chase couldn't distinguish between purchases I made on my existing Visa card in the days leading up to the incident and the purchases the thief tried to make on the not-yet activated new Mastercard.
Side effect: Ever since then, a few times a year I get Neiman Marcus catalogs in the mail.
Let me clear up one thing about the postal service. You have a \"Regular\" letter carrier who does indeed work 5 days a week. They are on a rotating schedule with their days off advancing by one day each week. So if they are off on Monday this week they will be off on Tuesday next week and so on. They get one 3 day weekend every 5 weeks when the Friday (last day of old week) and Saturday (first day of new week) run together. On the Regular's day off, they have a regular carrier called a T-6 on your route. It is the same guy every week. This is his route. He has 5 routes that he is responsible for and carries each of them during the week. as a result of needing to know and memorize all 5 of the routes, he is paid an extra paygrade over a Regular carrier. His day off rotates as well. Your house will be delivered by your Regular or this T-6 carrier every day, and the only time there will be a stanger carrying your mail will be during the vacations or sick days of your Regular.
Having said all of this, there is always the possibility of mail being misdelivered. I will make no excuses for any carrier because mistakes are made period. Mail is sorted to some extent by a computer these days. That barcoding at the bottom of your mail shows your zip code, route, and address. When the computer misplaces a letter it is bundled in the wrong address. Ultimately it is the job of your carrier to double check before putting the mail in the box and catching these misplaced letters, but since they are humans they do make mistakes. It happens to everyone. Because it happens once, there is no reason to then assume that because you had a misdelivery to your house that the rest of the houses on your route also got misdelivered mail. People need to realize that the guy who is delivering the mail is a human and is not infallible. He's working in the snow while you are home because your company shut down. He's delivering from a boat when a hurricane drowns your city. He's delivering after an earthquake has devastated your town. Remember those times as well as that one misdelivery if you can. Humans do screw up. Too bad it happened that your mail went to a thief. The thief is to blame in this case. Sure the mail allegedly went to the wrong house but it is possible that the thief stole it from your mailbox too. Any way, the sticker is BS and that is the story.
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-101202-100x100.png\")
@Syrenia: Was your husband authorized to discuss the account? If not, as per privacy laws, they're not allowed to take what he says into account. Most people don't keep track of what cards their SO is on, so that might be why you were further detained.
@johnva: If they're asking for \"personal information,\" you need to find a better bank. If they're asking you to confirm yes/no to purchases that you've made, you're not in danger. The safest, failproof, least arrogant move is to call the customer service line on your card/statements. (I know you probably know this, but I can't reiterate it enough!)
Reading your later comment, yes, the suggestion to leave an automated message to call the Frd. Dept is a better method, but would the response rate be as high? (We don't use the automated menus like Chase does, so I can't speak for those, but having a live person on both ends of the line really expedites the process!) Many people find fraud verification calls irritating and choose not to respond (or don't receive the messages, are too rushed, etc.)
@sohmc: See above. Back of the card, ask to speak with the fraud department. A typical fraud rep can't answer those piercing questions!
@humphrmi: Intriguing. I'll have to read up on that. I've used SecureCode fobs for other purposes, but not customer service.
@SuperJdynamite: You're subject to extra verification. Some of the home phone systems are set up to activate entirely through the NIVR (not the best method, considering ANIspoof devices costing under $30 can copy and display anyone's number these days.)
@NotATool: Basically. Depends on the bank, but you're not far off. Try using it for large or suspicious purchases and let us know how that goes.
@forever_knight: Agreed! Face it folks, identity theft is a part of modern life, and you can never fully protect yourself from it. Diligence is admirable, but it's never foolproof.
@ceilingFANBOY: now with 100% more fanboy: The rushed cards are always pre-activated, because they are delivered (ostensibly) to you personally, or someone authorized to sign on your behalf.
And I haven't even talked about the article yet!
Okay.
1) Stealing someone's card from the mail is not ID theft, it's mail fraud. ID theft/account takeovers typically involve data that can be used to impersonate the victim and obtain new credit. Account takeover can rely on stolen mail, but not just the one card... it's when someone who possesses this data (DOB, SSN, mother's maiden name, knowledge of existing credit/previous addresses/contact info) alters your account without your permission to add on other users, change your address, etc.
Mail fraud doesn't have to rely on any of the above, all they need is an intercepted card. Not ID theft. If I stole your Amazon.com package, same deal.
2) The Chase rep sounds like a tool.
3) But hearing \"Aha! This is a phishing scam!\" ad nauseam would make anyone flinch.
4) The letter doesn't need to be \"notarized\" ... in other words, \"certified by a licensed public officer who serves as an impartial witness to the signing of documents\" (thanks Google). You need to sign it. Big difference.
5) I'm sorry to rag all over your unpleasant and unsettling experience, but it's quite irritating to hear people who don't know what they're talking about bandy about terms like they're experts. This has bothered me for some time at Consumerist, but, hell, not like I'm an expert in much either! Editors... work with me here!
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-7284-100x100.png\")
I live at 726 Winfred S. There exists (and not far away either) a 726 Winfred N. Things I've expected to show up here show up there, and things that should be showing up there show up here. USPS, UPS, FedEx, DHL. You name it.
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-289696-100x100.png\")
Wow I got mad just READING this.
I think it's probably safe to give out the last 4 digits of your account number unless you have a real reason to think the person on the other end of the phone is a fake. Don't give out all of the digits, however, whatever you do.
I usually hate commenting on these because most of the comments that are irrelevant exist anyway and push down good material. But, a friend of mine in New York complained constantly of this, he lived at * ** Way, and another person around the corner at * ** Drive would get his mail, and vice versa. Including his netflix, which they would watch and return a few days or a week later.
They complained to the postmaster several times, nothing happened. Deliver all important mail registered, dammit. How hard is that? To say \"you gotta sign for this letter\". Sure, it costs more, but is your credit score worth less than $1.20?
![\"user-pic\"](\"/mt-static/support/assets_c/userpics/userpic-24726-100x100.png\")
Though the company is entirely the subject of this post, I would like to use this opportunity to reiterate my pure, unadulterated hatred of Paypal.
Paypal, for helping thieves steal from me and not doing anything about it (except for reporting me to a credit agency), I hate you so much.
Intriguing. I'll have to read up on that.Even though I suggested it, I'm flip-flopping. As @satoru said, giving your PIN to CS would be the worst idea ever, because it doesn't change, only the token does. I hadn't thought it through, now that I have, it sucks. Sorry. But there's got to be some better way to do this, some way that you can verify the identity of a company that calls you and claims that they want to fix a problem that you don't know about yet.
BTW great nick. I read that novel as a kid and loved it.
![\"user-pic\"](\"http://consumerist.com/assets_c/userpics/userpic-60062-100x100.png\")
So I guess the lesson here is that Chase and Washington Mutual credit cards don't adequately protect their customers from identity theft.