Identity thieves are lame!
When I got back from Sweden, I hit up an American ATM for the first time in a couple of weeks, and I noticed that my balance seemed unusually low. Like, how-am-I-going-to-pay-my-January-rent kind of low. I should have looked into it immediately, but I just filed a mental note and spent the next few days enjoying Christmas with my family.
(Aleksa and I each got a Game Boy DS, so now we'll be able to play Mario Kart together even when we're in different states. You know what's great about having a 7-year old sister? I can play Super Princess Peach without having to buy it for myself...)
After Christmas, I went back to my apartment for the first time since before Sweden, and I found that my mailbox had been smashed open. Like, the door was all bent so that it can't close or lock properly. There were some bills and junk-mail still inside, but who knows what might have been stolen?
Worried, I checked my bank statement online. I noticed some rather large payments to U.S. Cellular and T-Mobile, neither of which services I have ever used. I followed the bogus deductions back to when they started, at the end of November. They totaled about $1800. I guess I should check my bank statements more often so I'll notice stuff like this.
I called my bank (Chase) right away and, once I got a human, I was very impressed with how well they handled the situation. They immediately put a freeze on my account, faxed me the paperwork to file a fraudulent claim report, and told me what I needed to do to open a new account, transfer my funds, and get the stolen money back.
They guy from Chase also did a little bit of digging and found out that most of the bogus phone bills were paid under the (almost certainly fake) name of "Antonio Smith". Isaac pointed out to me that Antonio Smith is the name of the forensic linguist in an early Narbonic story-arc. So did I get my identity stolen by a Narbonic fan? That would be truly bizzare. (But then, Shaenon Garrity has said "Antonio Smith is named after Bassanio's ambiguously gay friend in The Merchant of Venice.", so maybe it was a Shakespeare fan.)
My new bank account was set up, the old one was frozen, the remaining money was transferred, my paycheck deposits were redirected, and new checks were in my hand within the same day. The stolen $1800 was refunded to me less than 48 hours later. Big kudos from me to Chase for how well they handled this. If anybody reading this is trying to choose a bank, they have my recommendation.
So, how was my bank account cracked? The first deduction happened before I went to Sweden, so it was before my mailbox was vandalized. They didn't do it that way. Also, the bogus deductions were all made by electronic money transfer, not by ATM/debit card deduction. That means that the thief got my bank account number and routing number. If you think about it, that information is on every check that I write, so anyone who ever saw one of my checks could have done this.
The banker I talked to said "Honestly, I'm surprised that this doesn't happen a lot more often. The real problem is that U.S. Cellular and T-Mobile will allow someone to start an account with just a name and a bank account number and routing number, and they won't verify it, so this is really easy to do."
Everything seems to be fine now. I had to call the post office and have them put a hold on all my mail for several days, because otherwise my new ATM/debit card would have been in my busted mailbox and anyone could have taken it. I picked up my held mail from the post office this morning and the card was in there, so I guess my plan worked.
I was lucky; this whole identity-theft thing was just an annoyance, not a life-ruining affair like it could easily be for some people. The experience has given me a new perspective on what society should be doing to fight identity theft. There's two sides to it: the side we usually hear about is all about making personal information harder to get. But the flip side is about making this information harder to use for people who discover it. In this case, the problem was that my info was too easy to use. The cell-phone companies weren't doing the verification they should have been doing.