To the Researchmobile! : Identity theft

So, here I was, planning to do another installment in the Personal Libraries series. And then last Friday happened.

To be precise, I got a call from our head of HR, saying she’d gotten an unemployment request from me, and thought I should know about that. Someone had gotten hold of my social security number and name and used it to file a fraudulent claim.

So, for today’s post, here’s a guide to what I did to check that I was doing all the necessary things.

Quick! Research Needed! (gold exclamation point on a dark background)

Background is useful

One thing that makes for really excellent research is having something of a background in the topic.

Obviously, we’re not going to be experts in all the things, all the time – no one can do that. But we can help ourselves out by taking in a steady stream of information that makes it easy to get ourselves up to speed on specifics quickly if we have to.

For me, this means reading or skimming a couple of general purpose sources of news and information. I subscribe to online editions of two newspapers and support one of my local NPR stations (and they send a summary of current major stories daily), plus I read several general purpose sites that cover a wide range of topics (Metafilter, in my case), plus a couple of general financial and lifehack sites.

I specifically wasn’t trying to build expert knowledge in what to do if I got hit with identity theft (because the specifics on what to do change periodically, as services and government resources change), but all of this meant I was well aware it happens sometimes, that it’s not always easy to figure out where the breech happened, and that there are in fact steps in what to do about it.

That meant that when I got that call from HR, I didn’t have a tidy list of what to do. But I knew they were out there, that ‘identity theft’ was the term I wanted to work with, and that I’d just need a little time to do those searches and check my information.

Oh, and a bit of background:

If you’re outside the US and trying to figure out what this means: in the United States, the social security number is the closest thing we have to a personal identification number.

It’s technically only supposed to be asked for in a limited number of situations (like taxes, or some kinds of financial accounts) but it’s often asked for in a bunch of other places – everything from college applications to rental applications to medical records.

This makes it rather easy to abuse, unfortunately.

(For those curious about the history of the number designations, here’s a page from the Social Security Administration.)

Habits are also useful

Fortunately, I already have a routine for keeping an eye on financial accounts (more on that in a few steps).

So I knew right where everything was for the different accounts, and could check quickly to see that there were no unexpected charges, and that no one had opened up accounts in my name recently.

First steps

The first step here is to take a deep breath. Panicking isn’t going to make this go better, and it won’t solve the problem (no matter how tempting it is.)

I was at work when I got that call. I did a little quick searching that made it clear that yes, I was going to want to make half a dozen phone calls, and a couple of them probably needed to be during business hours, which helped.

I’d been out sick for two days on Wednesday and Thursday, and had already been considering going home early, so I arranged to do that (because making the calls from home would be a lot easier.) Fortunately, I’d already done the things that I really needed to be in the office to do.

The drive home was fast (no traffic!) but it gave me about fifteen minutes to process through things and sort out what I wanted to do in my head, so it would be easier to take steps in a useful order when I got home.

Initial searches

I started by doing a search on “identity theft social security number” because that was the thing I knew had been compromised – and it’s a slightly different kind of issue than someone who potentially has your credit card info.

I browsed through the results, looking for highly reliable sources – for example, there’s this PDF guide direct from the Social Security Administration. I also found less official guides like this one, that still had a useful set of tasks and suggestions.

I focused on recent pages, written in the last year, since advice changes as people try new scams, and technology has new options. I also looked at my state attorney general’s site for information.

(If you search in Google, you can use the “Tools” option and select “Past year” instead of “Any time” in the option that will pop up below the main search tabs.)

I didn’t take the advice from any one source (even the Social Security folks!) Instead, I looked at about 20 sources and combined them into a list of things to do. (That’s also why I’m not giving you a ton of links here: the best resources will change over time.)

Here comes the spreadsheet

You knew there was going to be one, right, if you’ve been reading this blog.

I set up a spreadsheet with multiple sheets in it.

The first sheet has conversations I’ve had or steps I’ve taken (like online reports). It has columns for date, time, who I talked to, what the general topic was, how (phone, online, etc.), and then notes for the conversation and any follow up I need to do or pay attention to.

The second sheet has links of things I still need to do.

The third sheet has specific contact information for people I may need to get in touch with again, so I don’t have to hunt up the numbers or web addresses.

What did I do?

1) Put a fraud alert on my credit account.

This is a 90-day alert, and if you call one of the three agencies in the United States, they will pass the alert on to the other two. The call was entirely automated and very straightforward for being an automated call.

I got a reference number and asked for my rights to come in the mail, rather than hearing them over the phone, so I’ll have a confirmation of what they are. It’s possible to extend these alerts or put a credit freeze on for longer, but it’s easier to do that once I have a completed police report.

2) Put in a police report with my local police department

This produces a temporary report (the instructions say very clearly not to use the confirmation number until they’ve followed up) but a police report opens up some additional options for later (and if there ever is a problem down the road, being able to demonstrate that I reported it is helpful.)

My police department has an online form that you fill in, or I could have called the non-emergency line. This was the second step because I wanted to be able to say I’d made the report to any later calls.

3) Called the Massachusetts Unemployment Fraud line.

I found them by looking at the Unemployment Office site. Since this is the place where the actual identity theft happened, it was high on the list. I spoke to a really pleasant man who was glad to confirm they’d already flagged it as a problem in their system, and that the address they had wasn’t the one I gave them.

The big issue is that if I ever do need to file for unemployment in Massachusetts, as long as that claim is on file, I’ll need to have additional identification and documentation. (This means that police report is important! But also things like a photocopy of my ID, and current mail to demonstrate my address, etc.)

4) My bank

I bank with a small local independent bank who have the best customer service (Thanks, Leader Bank!)

I got a real person right away, no phone tree, and he was great about checking and making notes in my file that if there are any inquiries about my account, to ask for an agreed on passcode, or call me for verification.

5) Credit cards

I didn’t put a freeze on my credit accounts just yet (it will take a little more paperwork and I want to have the police report to reference before I do).

I did turn on alerts on all of them to let me know if there are more than very minimal charges on any of them. I already check my accounts manually twice a week. (I will be bumping that to three times a week.)

6) Reporting to the FTC

Many of my sources (including the SSA) encouraged me to report it to the FTC’s Identity Theft site. They ask you a series of questions about what happened and advise what steps you should take. You can also get a confirmation number saying you filed a report with them, which helps demonstrate that you took action on the problem.

7) Social Security Administration

I was able to lock access to my account online but will need to do a more elaborate process to sort out some of it. Again, some of that will be much easier with the police report.

Things I need to do in the future

Once I have the police report, then I’ll do additional paperwork for a credit freeze and to clear up documentation with the social security offices.

It’ll be important to keep that documentation somewhere easy to access if I need it (i.e. all in one place) so that if I do need it, I can grab it quickly. I’ve been a little unhappy with my current ‘important papers’ filing for a while, so this is a good time to rework that system into something a bit easier to use.

I live by myself, so one of the things I’m thinking about here is if something happens where friends need to help me with filing for disability or other benefits, what I need to document now to make that easier. My ideal is to be able to identify a folder that has a summary of everything.

Along the way, I also read a bunch of advice – for example, I may get scam calls with threats if I don’t make payments, pretending to be from the IRS, etc. The sites I looked at had advice on ignoring those and explained how the IRS actually contacts you.

I’ll also just need to keep an eye out for weird stuff, in case something else crops up. Some of the things I found suggest people try the unemployment scam first and then move on to other things if it works. On the other hand, this might not be the only person who has my information, depending on how they got it, so it could be an issue for credit, leases, etc.

A day in the life of a librarian (October 2017)

Welcome to a periodic installment of ‘day in the life’ because I figure it might be interesting to see what this looks like for a librarian. This was not quite a typical day, but it gives a good range of the kinds of things I do.

(I’m not being very specific about the content of some of the things I’m working on, both because of patron privacy and because it’d fairly quickly directly identify where I work: instead, I’m talking about the kinds of questions and projects in more general terms.)

Image: A wooded path with autumn leaves, trees arching overhead. Text reads: Librarians: Day in the life (October 2017)

A not quite typical Friday

5:15am :

Get up, do minor morning computer things, put on swimsuit and nicer work clothes on top. Make sure to pack jewelry and a nicer hair thing. (Normally, I am a knit top, knit skirt, and hair in a braid person, but we have international visitors today.)

6:00am :

Leave my apartment, drive to the fitness club where I swim. Swim from 6:25 to 7, shower, change, drive to work.

7:35 am :

Get into the library. Our library and archives assistant is working in the archives this morning (so she can be up in the library this afternoon) so I turn on the lights, unlock the stacks, and pull the cart of materials for our visiting researcher out into my office.

For the next hour, I eat breakfast, work through my email, review some pages on the intranet that we need to tidy up, and read web pages about the people who are visiting this afternoon, so I can have a better sense of their possible questions. Forward one question to other people in our institution who can probably identify the thing being asked about much more quickly.

We’re light on questions today – only the one so far. Some days, I come in to find three or four waiting.

8:45 am:

Quick bathroom break, set up our webcam for monitoring our researcher and wait for her to show up at the front desk.

We have a very small staff (me, our archivist, and a shared assistant) and visiting researchers work at a desk in my office. It’s common for archives to have limits on how materials are handled (that’s another post!), and for people using materials to be observed the entire time.

Our IT folks helped us figure out a webcam option (pointed at the work table researchers use, but we can’t see things on their screen or notes, just that they’re not mishandling materials), which means I can take a quick break (bathroom, to help someone else, etc.) with a little advance warning now.

However, there are some other limitations: there’s some kinds of work I have a much harder time doing or focusing on, and I can’t do things involving extended phone calls or going back and forth to the stacks. And I can’t have music on, and there are definitely some tasks I find easier or more pleasant with music or a podcast.

This researcher has been here for two days already, so we don’t need to cover any of the basics like how things work.

9:00 am:

Waiting for researcher to appear. Get a reply to the ‘track down this particular thing’ with a list of other people to ask, send the question off to them. Answer another email re: the library newsletter. Open most recent newsletter so I can set up this month’s version (it goes out the last week of the month.)

My researcher days involve a certain amount of ‘can’t start more complex task because I am waiting for them to show up/come back from lunch, and don’t want to get into the middle of something’

9:35 : Go to plug in my phone for music, researcher arrives. Get her settled.

9:50 am:

Get a call from our front desk: there is a walk-in visitor who’d like to visit the library. Get assistant to Skype in from downstairs to keep an eye on researcher.

It turns out to be a book jobber who buys books from various sources including library discards and resells on Amazon/eBay (she is here with a friend doing something at our institution.) We discard very few books, but I give her a chance to look at our free shelf.

10:15 am:

Get back to my desk to actually do things. Take a while to settle down again. Answer an email about shifting one of our general email addresses over to Gmail (we are at the tail end of shifting from Outlook to Gmail: I am delighted by the switch, but will be glad when everything’s in one system.)

Get an answer back about the thing this morning, remove stuff not to be shared with person who asked (a “The person who developed this is very elderly, you might be able to reach her at this email” which is the kind of thing we don’t pass on to researchers unless actually necessary.)

11:15 am:

Work on newsletter. Pause to make an accessible version of a handout I want to include in the newsletter.

The newsletter is a simple Word doc that goes up in our staff intranet. There’s a section about something the Research Library offers (this month, I’m talking about getting research articles), an Archives thing (usually a recently digitised collection) and then information about the month’s book display and a list (with some brief annotations) of new titles in the library.

12:00 pm:

Have lunch with colleagues and researcher (outside on a picnic bench: we are making the most of the last of the decent weather.)

12:30 pm:

Back at my desk, doing a few small things before my 1:00 meeting.

1:00 pm:

Meeting and tour of campus with two people (the CEO and an architect) from overseas who are doing a tour of schools and organisations like ours around the world to see best practices for specific kinds of design. They were fantastic.

(Also fantastic: the foundation that gave them a multi-million dollar grant on the condition they did such a tour. Very smart. They were learning a lot from seeing how different places did things and what was working for them best.)

3:30 pm:

Dash back from the tour just in time to let my assistant go for the weekend (since she’d been the staff member in charge of our researcher.) Grab a bottle of fizzy water because that was a lot of walking. Catch up on email that came in while I was gone, try to finish the newsletter except for pulling the new books.

3:55 pm:

Discuss interesting reference puzzle with archivist. Put interesting puzzle on to-do list for Monday, because the amount I will get done before leaving is approximately 3 minutes and a lot of frustration. See researcher back out to the main door, do a few tiny things.

(As a note, the research on Monday involved about 90 minutes of diving into the actual process by which people made sculptures in the 1840s. Who knew?! We’ve got useful answers now, though.)

4:15 pm:

Head home, via my local pharmacy for a flu shot. Get back home around 5:30 (due to the flu shot: I normally get home around 5.) Make dinner, fall over, do brainless things for the rest of the evening.

A long-extinct plant

Basket of carrots, radishes and a lonely bulb of fennel at a market. Text on image reads: Searching, finding a mysterious plant

Today’s resource

I’m a big fan of the Search/Research blog, by Dan Russell for improving my search skills. (He works at Google, but this is a side project).

He posts challenges with a question (and people reply in the comments with thoughts) and then a week or so later, he posts the results, so you can see how he did something and learn a bit along the way.

He just tackled a favourite topic of mine, a long-extinct plant that, as he says was “something so valuable that it was depicted on ancient coins as an emblem of wealth.”

I knew immediately what he was talking about (this is a thing that happens to me a lot: I am a magpie of random bits of knowledge) which is one way to figure out an answer but I loved seeing how people sorted out searching for this.

Here’s his original challenge post, and here’s the answer with additional search tips.

Additional observations

He mentions that “Roman extinct plant” doesn’t pull up the list of People Also Ask for him, but it did for me when I tried it just now. Nice example of either how the filter bubble affects things, or the effect of people searching on this topic as a result of his posts. Hard to tell which!

Screenshot depicting results for a search "Roman extinct plant" as described in surrounding text.

Unreliable narrators:

I also really love Dan calling out that historical sources aren’t always reliable. Especially about medicine. Or science. Or, come to that, a number of other topics.

Pliny the Elder is a great example: he did a lot of writing about things that are useful because they survived when other historical medical and natural history writing didn’t. But he’s not the most reliable source for actual useful information.

If you want to know more about Pliny, the podcast Sawbones did an episode all about Pliny in 2016. He keeps coming up in their discussions of medical history, again, because a lot of his material survived when other people’s didn’t. They provide tons of reasons his medical advice is not something you should be following.

PS

The image for this post has one lonely fennel bulb, which is in the same family as Silphium. I thought that rather appropriate.