Living in a mansion, driving a luxury car and lavishing expensive jewelry on himself, Sirhon "Ron" Rivers was at the top of the world — thanks to those who are six feet under.
Over four years, he stole $2.3 million by filing more than 800 fraudulent state income tax refunds — all by using the identities of people who had died.
"He went to [genealogy] websites to get Social Security numbers and other information of the deceased," explains Assistant U.S. Attorney Anthony Gonzalez, who helped put Rivers behind bars. (He's now serving 8 1/2 years in federal prison.) That information allowed Rivers to e-file credible tax returns and collect the refunds.
Other thieves using identities of the deceased have targeted the IRS. They netted $70 million in refunds from 19,000 federal returns for 2011 alone.
Postmortem identity theft may be shocking, but it's hardly rare, especially because the victims aren't around to complain. Each year the names and personal data of some 2.5 million deceased Americans are used to fraudulently apply for credit cards, loans, tax refunds and utility services, according to Stephen Coggeshall of ID Analytics, an identity-theft protection company in San Diego. "Their Social Security numbers are sometimes easier to find than credentials of the living."
Some crooks glean the numbers from accomplices working in hospitals or funeral homes. Others get them from state-run websites that publish death certificates, sometimes including Social Security numbers. Or they buy numbers on cyber black markets. "But perhaps the best-known source," Coggeshall says, "is the Social Security Administration's Death Master File."
The file contains the names, Social Security numbers and dates of birth and death of some 95 million deceased people. It allows employers, financial institutions and government agencies to identify fraud when processing applications, and is reportedly available only to these entities.
But federal law requires that a version known as the Social Security Death Index (SSDI) be made public. Even without Social Security numbers, the SSDI often provides enough information for identity theft — and these details may be free on genealogy and other websites.
Identities of the dead also figure in illegal work. Consider a recent federal audit that found that for tax years 2006 to 2011, tax returns reporting $3 billion in income were filed using the Social Security numbers of almost 67,000 people born before June 16, 1901—who would now be turning 114 or older.
Federal auditors have faulted the Social Security Administration (SSA) for not efficiently updating the Death Master File — 6.5 million number holders born before that 1901 date were not in it. SSA spokeswoman Dorothy J. Clark says that fewer than one-half percent of 2.8 million death records added to the list annually are erroneous, but that the SSA continues to try to improve.
- Immediately send death certificate copies by certified mail to the three main credit reporting bureaus. Request that a "deceased alert" be placed on the credit report.
- Mail copies as soon as possible to banks, insurers and other financial firms requesting account closure or change of joint ownership.
- A family member should report the death to the Social Security Administration at 800-772-1213 and the IRS at 800-829-1040. Also notify the state motor vehicles department.
- In obituaries, don't include the deceased's birth date, place of birth, last address or job.
- Starting a month after the death, check the departed's credit report at annualcreditreport.com for suspicious activity.
Sid Kirchheimer is the author of Scam-Proof Your Life, published by AARP Books/Sterling.
Also of Interest
- 9 cheap ways to protect personal data
- Top 10 superfoods
- Find great volunteer opportunities in your community
Join AARP Today — Receive access to exclusive information, benefits and discounts