‘This Sunday’s Arizona Republic picked up Brian Krebs article in the Washington Post about thieves tapping into home equity lines of credit. This is a very interesting, and just because their are people out there who actually still have home equity, but that this is a very simple con with potentially devastating affect. One of which is there was no data theft here, rather the information was mined legally. Second is that when the bank falls for the con, since they believe it was the borrower who made the withdrawal, the borrower has to detect the fraud and provide some form of evidence that it was not they that made the withdrawal.

After I read this story, I went out to see what data was available to see if this was possible. Despite a wife who uses this information on a daily basis to perform her job, I was still surprised. The amount and quality of information that is held in public databases, readily accessible to anyone who cares to view it is pretty amazing. If you are not aware of it, when you buy a home, pretty much every piece of information regarding that transaction is logged by the county recorder and placed in the public domain. If you are a homeowner, go out to your county recorders web site and search for the data; your name, address, signature, lender, the amount, possibly the interest rate and a lot of other information as well. Seriously, take a minute and check it out; I think you will be startled as to what you find. Stars, celebrities, politicians along with everyone else.

In this particular case there was no data theft theft component in this particular case, rather it was simple and legal data mining for ID theft. They probably were able to cross reference those people who looked like they may have assets with a credit score, and voila, instant target list.

A lot of people have had their HELOC, or Home Equity Line of Credit yanked from their banks recently, some amid remodeling projects. Part of the issue is the Banks trying to reduce their exposure on people who are living off their credit lines, but another is this type of fraud. Banks and financial institutions have long had the problem of ‘how do I know its really you’, and thieves often know in advance what the banks ask for in the way of authentication, and either have that information, or a suitable excuse. Had the group in this specific case not been so greedy and tied to move such a large sum of money, I am not sure they would have been caught. And since the perpetrator is able to mask their identity and location, it’s up to the bank’s representative to have enough savvy to not fall for the con. And in that event, it’s trouble for both the lender and hassle for the borrower, so check your statements as this could happen to pretty much anyone.