KANSAS CITY, Kan. - Last week I met the crook who stole my identity and turned my life inside out.
"I'm sorry for everything I've done to you," he said.
Shad Fish, a 35-year-old former hardwood floor contractor will be nearly 40 by the time he gets out of federal prison for charging hundreds of thousands of dollars in merchandise using stolen identities.
Using my identity, he charged more than $40,000 in just a few days: suits, computers, an all-terrain vehicle, lawn equipment, stereo equipment, you name it. It took more than a year and untold hours of exasperation to clear up my credit.
In court, Fish looked me in the eye and nodded after the judge sentenced him to 57 months. The next day we spoke by phone for an hour, the inmate calmly recounting how lucrative and easy it was to feast off other people's credit.
He drove a slew of cars, each charged to strangers. His favorite was the silver Corvette. He gave his four children lavish Christmases without spending a dime of his own money.
"It's just so easy," he said in a tone more matter-of-fact than boastful. "I could have made a million dollars a year easily. But being addicted to drugs I sold things so cheap to get money fast."
He paid for a ferocious crack cocaine and methamphetamine habit by hocking goods he fraudulently charged.
The experience already had taught me that the credit industry makes it too easy for thieves to plunder other people's credit and too hard for victims to clear their names. Talking to Shad Fish, I learned it's worse than I thought.
"Say I mow your grass, and you write me a check. I could then empty your account in a day. All I need is that account number and routing number."
Take every precaution - guard your Social Security number, update your computer firewalls, shred your credit card statements - it's not enough. Said my evil twin in Leavenworth Detention Center: "The sad truth is you can never really protect yourself."
Thanks for the reassurance, Shad.
* * *
I had wondered if my common last name - Smith - made me an easy target, but he said no, it was just chance.
Fish and a group of fellow identity thieves had contacts inside companies with databases loaded with personal information. Fifty bucks was all it cost him to buy the Social Security number, name and date of birth of someone with a good credit rating. I happened to be a name on a list of folks with good credit.
"It's like the lottery," Fish said. "You just happened to be picked."
I always knew I'd win the lottery.
Armed with my personal information, Fish went to a Missouri driver's license bureau and had his picture taken for Adam C. Smith's official state ID. He said his picture must be on at least 60 different Missouri IDs, but the half-dozen clerks who kept waiting on him never caught on.
Fish's contact at an auto dealer obtained my credit report. This came in handy on those occasions that retailers asked questions before issuing him charge accounts.
After seeing my Florida address on the credit report, some asked if he had recently moved to Kansas City. He would tick off Adam C. Smith's prior addresses, phone numbers, mortgage lenders.
Think of Mr. Fish the next time a cashier encourages you to open a new credit account and get an instant discount. Retailers love anything that entices people to make impulse purchases. My identity thief loved it, too.
"They make it so easy with the instant credit system. It blew my mind how easy it was when I first started. All you have to do is fill out a form, hand them an ID and instantly $20,000 becomes available. Then they want you to spend that $20,000 immediately."
Fish bought merchandise on instant credit using dozens of identities. The feds attributed about $200,000 in losses to Fish; he said the real number was more than twice that.
He would use a stolen identity for only a few days; by the time an individual realized his identity had been stolen, Fish had moved on to a new victim.
He stopped at a Kansas City Nordstrom in July 2001 to open a new account and buy a leather jacket under the name of David Smithers. Unlike virtually every other retailer Fish dealt with, Nordstrom did more than the most cursory verification. Nordstrom checked Smithers' credit report, noticed a lot of new account activity and called the Texas number recently listed for Smithers.
The real David Smithers answered, said he still lived in San Antonio and had never set foot in Nordstrom.
Fish found himself locked in a security room with police officers. But having studied Smithers' credit report, he barely blinked. After nearly two hours the officers were about to let him go - even after calling the real Smithers.
"He knew my employers, he knew people I worked with, he had addresses going back four and five years," Smithers recounted in a phone interview. "The guy had them convinced that he had lived in Texas and moved, and that I moved to his old house and stole his identity. He's saying, "You need to call the police and have him arrested.' "
Fish wound up with probation and went back to what he did best. A few months later he morphed into the big-spending Adam C. Smith.
* * *
In just a few days at the end of November 2001, the inestimable Mr. Smith racked up $45,000 in charges. I didn't have a clue until six months later, while in South Florida covering Janet Reno's campaign for governor.
My wife called; she said Honda Finance was inquiring about my failure to make payments on my $6,950 all-terrain vehicle.
With me on the road, she usually heard first from the creditors. The conversations would go like this:
"Ma'am, you say your husband didn't make this purchase? May I speak to him?"
"He's not here right now. He travels a lot."
Pause. "I see. And does he travel a lot to Kansas City?"
I ordered my credit reports from the three companies that compile them, Equifax, Experian and Trans Union. Adam C. Smith had been shopping up a storm in and around Kansas City: $3,795 at Men's Wearhouse; $10,575.66 at Rex TV; $3,600.90 at Best Buy; $2,087.77 at Dick's Sporting Goods; and on and on.
Erasing these debts required notarized affidavits, police reports, certified letters and umpteen hours in voice mail purgatory. Over the coming months, I'd knock one debt off my record only to have more pop up.
Fish thought of me and his other victims occasionally during his spending sprees.
"I rationalized that all you had to do was write a few letters, and the companies had fraud insurance."
If only his prison sentence required him to spend hours in voice mail hell trying to reach a live person inside one of the credit bureaus. That would be justice.
* * *
I'm lucky in a way. At least nobody pulled money from my bank accounts. Some identity theft victims have wound up in bankruptcy or married to people they've never heard of. Others have been jailed for offenses committed by their impostors.
What's more, my thief was punished. Experts estimate that fewer than 1 in 700 cases of identity theft end with a conviction.
Fish was part of an identity theft ring in the Kansas City area; he was the first one caught.
"It's not the smart ones we caught first, it was the ones who were kind of loose cannons, going crazy with all their buying," said Shaun Ippolito of the U.S. Postal Inspection Service.
Ippolito helped police in St. Joseph, Mo., catch Fish in late 2003 for fraudulently charging a plasma screen TV, for which Fish was sentenced to six years. Authorities then built a federal case against him.
Inside the Robert Dole U.S. Courthouse last week, the man with so many identities sounded contrite as his elderly parents, 13-year-old daughter and I looked on.
"I want to apologize to my daughters, to my family, and especially to the victims of my crime," he said. "I can't take back what I did, but what I can do, what I will do, is spend the rest of my life drug free."
* * *
In just the past nine months, personal data for more than 50-million consumers has disappeared from financial institutions, universities, data corporations and hospitals. Fish got my information from some dishonest company insider; he said it's easy to find people in any city with access to sensitive data.
He suggests ways to slow or stall his kind of thief.
Had the stores so eager to issue instant credit bothered to call the last home phone number listed for me on my credit report, he probably would have been thwarted; that's how Nordstrom caught him. Had the credit processing companies been suspicious of someone opening new account after account on a single day, he might have been stopped.
Even better, he says he could not have opened a new account in the name of anyone with a restricted credit report. Twelve states have "credit freeze" laws that allow consumers to bar access to their credit reports unless they grant permission. Bills pending in Congress would do the same, but lobbyists with the retailers and the credit industry are hostile to such an idea.
Imagine that! To make it harder for strangers to access their personal financial information, consumers could decide they would rather wait a few days to finance a car or charge that big-screen TV. What a reckless concept.
In Florida, Republican state Rep. Sandy Adams of Orlando has sponsored a bill to allow credit freezes. When a legislative committee met last week to discuss the bill, lobbyists for bankers, retailers and credit reporting agencies lined up to sound the alarm.
Among them was Eric Ellman of the Consumer Data Industry Association. What if a consumer at the checkout line wanted to take advantage of a 10 percent discount offer for anyone opening a new charge account, Ellman asked in a phone interview.
"It places a significant burden on consumers' ability to be credit active," Ellman said, thinking he was talking to an ostensibly objective reporter rather than an identity theft victim and fanatic.
Burden!!!! After hearing my sputtering rant about the untold hours it takes an identity theft victim to regain control of his credit, about the tradeoff between allowing consumers to choose greater protection over instant debt opportunities, and about his industry's maddening voice-mail systems, he struggled for a response.
Restrict access to instant credit? Can't believe I'm saying it, but on this, Shad Fish and I are one.
It's impossible to fully protect yourself from identity theft. But precautions will minimize the risk.
Order your credit report at least once a year from one or all the national consumer reporting companies and check for any dubious activity. Federal law requires them to provide you with one free report annually. Call toll-free 1-877-322-8228 or visit www.annualcreditreport.com
Remove your name from the marketing lists of the three credit reporting bureaus, to limit preapproved offers for credit or insurance. Those offers contain sensitive information that can be retrieved by identity thieves. Call toll-free 1-888-567-8688 or go to www.optoutprescreen.com
Reduce the number of credit cards you actively use. Carry only one or two of them in your wallet. Consider canceling unused accounts.
Never give out your Social Security number, credit card number or other personal information over the phone, by mail or on the Internet unless you initiated the call and have a trusted business relationship with the company.
Always take credit card receipts with you; never toss them in a public trash container.
Install a firewall on your home computer to prevent hackers from obtaining personal identifying and financial data from your hard drive. Install and update virus protection software to prevent a worm or virus from causing your computer to send out files or other stored information.
Store personal information securely in your home, especially if you have roommates, employ outside help or have service work done in your home.