Postal Service planned to prevent change of address fraud. Postal Inspection Service, or USPIS, the law enforcement arm of USPS, which provided TechCrunch with a boilerplate statement - some of which repeated itself - but did not say how the U.S. USPS spokespeople Sue Brennan and Tatiana Roy declined to comment and referred our email to the U.S. Postal Service was reducing this kind of change of address fraud given that it remains an ongoing issue, TechCrunch asked USPS for comment. But change of address fraud still affects thousands of people every year who don't have the clout of a former technology executive to get their lives back to normal. Luckily for him, he caught the fraud before the criminals could do irreversible damage, yet it still took weeks to return his accounts - and his home address - in order. USPS has long sold change of address data to data brokers, which resell this information to anyone who wants to buy it, like financial institutions.
Yet, it still took nearly three months for UPS to notice that its mail wasn't showing up.Ī letter from one of the former executive's banks, which he shared with TechCrunch, corroborates his account and confirmed that the bank made the address change in its systems "as a result of data received from the United States Postal Service (USPS) indicating that an address change had occurred." Because USPS had accepted the fraudulent change of address made in the former executive's name, USPS passed along the new address set by the fraudsters to countless other companies, including his banks. In a particularly comical case from 2017, an Atlanta resident was arrested for cashing checks that he had rerouted from the corporate headquarters of shipping giant UPS, resulting in literal bathtubs of mail piling up outside the hapless fraudster's apartment. Not only is this flaw not new, it's widely documented. But these letters can, and are, easily missed, and the letters themselves do not require customer attention or interaction, only if the person wants to "view or cancel" an unauthorized change of address request. Once a form is handed in and processed, USPS sends out two letters, one letter to the old address and another to the new address, notifying the resident that the change of address went through. That is the simple flaw that fraudsters exploit in order to hijack home addresses, steal their credit cards and wreak havoc on their bank accounts. But besides a notice on the reverse side warning that filling out the form with false information could result in criminal charges (if caught), there are no guarantees that USPS will check the identity of the person submitting a paper change of address form. The last thing is to sign the form, and hand it back to a postal worker or drop it in the letter mail slot inside the post office. You have to request the postcard-sized form at a USPS post office, which we did - for journalism! The person then fills it out with their name, old address, new address and for how long they want to reroute their mail. As bureaucratic as government paperwork goes, this form is both refreshingly simple and remarkably dull. The paper form is officially known as PS Form 3575. But while USPS acknowledges there is a problem, it wouldn't say how it plans to close the loophole that allows fraudsters to cash in on someone else's identity.Ī postcard-sized change of address form, made of paper, facing front-side up on a flat wooden desk.Īfter filling out this form, there are no guarantees that USPS will check the identity of the person submitting the change of address request. What is more baffling is that there seems to be an equally simple fix. A fraudulently filed change of address form can have lasting fallout for the thousands of individuals whose mail is hijacked and rerouted every year, with criminals able to obtain bills, credit cards and other sensitive information that can be used to raid bank accounts or make fraudulent purchases. It's neither new nor a particularly sophisticated technique, and has long been known to fraudsters and federal investigators. Postal Service processes changes of address. The fraud relies on a simple flaw in how the U.S.
That was enough to set in motion a domino effect that upended the life of a former Microsoft executive several states away, as the person who signed the form effectively hijacked the executive's home address in just a few minutes. The person signed the form, handed it in and walked out. post office and filled out a change of address form, just as tens of millions do each year to route their mail to a new address. Sometime in November, someone walked into a U.S.
0 kommentar(er)
