His dad is rich, and dying. He's facing huge credit card bills and unemployment. His inheritance is just sitting there. And sitting in the desk drawer is a power of attorney document Dad signed for him years ago, giving him the right to do anything he wants with the father's money. The temptation is too powerful, and the crime is too easy, to stop.

The story plays out thousands — perhaps hundreds of thousands of times — every year across the country, a scourge of old age.

America's vulnerable, graying population, and the concentration of wealth among older adults, has created a massive opportunity for fraud. Hard statistics are not available, but experts suspect that perhaps half a million elderly adults are ripped off by family members, lawyers and accountants every year, potentially taking $2.6 billion from infirm older Americans. The crime is known as elder financial abuse. Financial expert and consumer advocate John Wasik has called it "the crime of the 21st century."

"This is something that's rarely explored because the victims are rarely in a position to report the abuse," said Wasik, author of 13 books on personal finance issues.

This story will discuss the warning signs of elder theft and offer tips on what to do if you suspect a family member or friend is suffering financial abuse.

The tool used by the criminals who steal from the elderly is a legal document called a "power of attorney," which enables a designated adult to make financial decisions on behalf of another. Because power of attorney decisions are rarely reviewed, the document has been called a "license to steal." In legal circles, the crime is called "power of attorney abuse."

High-profile cases of elder financial abuse have helped shine a light on this age-old problem. In 2009, Brooke Astor's son and attorney were convicted of stealing $10 million from the socialite's $100 million fortune.

But Astor's estate is dwarfed by that of 104-year-old Huguette Clark, a reclusive heiress worth half a billion dollars who's been the subject of several msnbc.com stories by my colleague Bill Dedman. He's discovered suspicious transactions involving priceless paintings, musical instruments and a New York City apartment, and his reporting has led to a criminal investigation headed by the Manhattan district attorney's office. Thanks to inquiries from more than 100 msnbc.com readers, the New York office of Adult Protective Services is looking into the case. Many writers were prompted by their own personal encounters with elder theft.

Authorities are investigating potential theft of heiress Huguette Clark's fortune in her old age by trusted advisors, but elder financial abuse can happen to anyone.

That's the first and most important tip, experts say: Get involved. Report the crime. Many criminals get away with siphoning off cash because other relatives have detached from the older adult's life, assuming someone else is doing their job and taking care of end-of-life details.

"Keeping involved, active and in touch with the older person, staying aware of how they are doing and asking a lot of questions, that's very important for prevention and early intervention," said Sharon Merriman-Nai, co-manager of the National Center on Elder Abuse. "It can take next to no time for someone's assets to be depleted, so the quicker you can act, the better."

That means calling your state's Adult Protective Services officer, as msnbc.com readers did in response to Clark's story. You can find a state-by-state list here.

One serious challenge for family members who want to step in and help out: Frequently, local police will interpret elder theft as a civil, rather than a criminal, matter. That's why it's important to report suspicions to the Adult Protective Services office, which knows how to handle such incidents.

Reporting the crime is also critical because financial abuse is often accompanied by other forms of abuse, Merriman-Nai said.

"Physical abuse may be present, too. And if there's financial abuse, there's almost certainly some kind of psychological abuse going on," she said. "Quite often, they are being physically intimidated." In extreme cases, victims won't be able to afford the health care they need because their funds are depleted.

Calling to accuse a relative or a formerly trusted advisor is a big step, however, and one many family members are reluctant to make. It's also possible, Merriman-Nai said, that disputes or rivalries might cause one family member to misinterpret the actions of another. So it's important to ask questions and, if possible, obtain paperwork detailing alleged abuse, such as bank statements.

Wasik said: "You really kind of need to have something in hand to show this stuff is going on. It's not easy to prove without documents."

Garage sales hide theft
But elder financial abuse, particularly when committed by professional financial advisers, can be hard to spot and even harder to prove, said Jerry Walker, a Seattle-based lawyer who specializes in estate planning.

"There's all sorts of ways to liquidate items and have no record of it," Walker said. "I've seen big garage sales, for example, where a lot of property is sold and there are no receipts ... or they form a company and funnel money to the company. They can change beneficiaries or even hire relatives to do easy jobs. There's lots of crazy ways to get money out of an estate."

Elder financial abuse can be brutal and obvious, as in the Astor case. Or it can be much more subtle, Wasik said. In many cases, the issue is greed brought on by a sense of entitlement.

"Some cases are really egregious, such as a wayward son or daughter who comes into the picture and cleans out the accounts. But there are any number of scenarios," he said. "Other times, there are children who know the money is there, and the temptation for some is too great. A lot of people who lost their homes or are going to lose their homes have no financial assets at all. They are technically impoverished, but they see Mom and Dad sitting on a nest egg and they say, 'Hey, they're going to give it to me anyway, so why not use the money now?' "

 Some cases are even more sinister, Merriman-Nai said.

"It's called 'undue influence,' and it's far more sophisticated, a very well-plotted-out, strategy to separate older individuals from their assets," she said. "It begins with someone gaining the trust of an elderly person, then separating them from their support network, isolating them from other people. Then they are able to exert tremendous influence on the elderly person."

That influence can extend all the way to bank teller windows. Elder financial thieves can have such hypnotic power over their victims that they transport the elderly person to the bank and stand nearby while he or she withdraws thousands of dollars in cash — and then hands the money over.

Most cases aren't reported
In fact, a report by MetLife Mature Market published in 2009 found that bank teller training is among the more effective ways to spot and stop elder abuse. In a test, tellers correctly identified suspicious transactions 7 out of 10 times, the report said.

"All by themselves, alert and well-trained bank tellers could have significant impact on financial abuse, especially if their numbers were to grow," the report found. By extrapolating from newspaper accounts of elder abuse, the report's writers estimated that $2.6 billion is stolen from older Americans every year and that only 1 in 14 cases are reported.

There is no national accounting of abuse cases, said Merriman-Nai, and that has blunted efforts to draw attention to the problem. But a paper published by AARP in 2008 (PDF) found that Adult Protective Services agents around the country report an "explosion of financial exploitation cases," particularly those involving power of attorney abuse.

The AARP report concludes that there are three main reasons that power of attorney abuse is so rampant: Receivers of the power, sometimes called the "attorney in fact," have exceeding broad powers. There is a nearly complete lack of monitoring of the attorney in fact. And there are unclear standards for dealing with those who abuse the power.

But perhaps most discouraging is this conclusion from the report:

Power of attorney "abuse may not be detectable until the principal has died."

One bright spot for those concerned about elder abuse: Tucked into the omnibus health care bill Congress passed earlier this year was the Elder Justice Act, which set aside nearly $800 million to expand efforts to investigate elder financial theft during the next four years. Advocates had been attempting to get the funding from Congress in the form of the Elder Justice Act for years.

Still, the fast-growing elderly population has Merriman-Nai concerned about the future.

"The problem is probably going to get worse before it gets better, the way the population is aging," she said. "But one hope we have is that the Baby Boomers are a generation of activists, and they will not go quietly. If we have an opportunity to put this issue on the map, it's now. The resources this generation can bring to resolve these problems can have quite an impact."

IF YOU SUSPECT ABUSE
As financial abuse can take many forms, it can leave many hints. The clearest: If an elderly friend or family member is not getting the medical treatment you think he or she should be able to afford.

Withdrawal or depression are also warning signs, Merriman-Nai said. If the older person is suddenly reluctant to talk about finances, that could also be a sign. But even a gradual withdrawal from normal conversations might be a hint that something is wrong — or that someone is trying to isolate the person from people who might spot the crime.

Unexpected dramatic financial transactions, such as a surprising sale of property or a large cash transaction, should also raise red flags.

HOW TO PREVENT ABUSE
One key to prevention is to stay involved in the elderly person's life well before there is a need to invoke a power of attorney. Maintaining a good relationship — including frank discussions of financial matters — will create a bond of trust that could be all the difference later in life when questions arise about finances.

Also, it's critical to make plans early on, when the elderly person is capable of being fully involved in the decision-making process.

"It's when you aren't taking the bull by the horns that things get out of control," Wasik said.

In many cases, the seeds for abuse are sown when an older person — trying to do the right thing, and preparing for the inevitable — signs what's called a "springing" power of attorney. Such a document takes force only when some trigger is reached, such as confirmation from a doctor that the individual is incapable of making his or her own financial decisions. The power of attorney might not spring into force for five or 10 years. Circumstances, as well as trust levels, can change a lot during that stretch of time.

While it makes sense to give a family member that kind of power over your finances, many older adults trust their accountants or lawyers more than their children. But in either case, Walker recommends not giving too much power to one person.

"You can split power of attorney up among two or three people, so they have to agree on decisions," he said. "That can provide some checks and balances. Of course, they might disagree, and you have to have a method for resolving deadlocks."

Wasik recommends something similar — give one family member the power of attorney, but require that person to provide regular reports to a council of other family members where financial decisions must be justified.

Walker strongly recommends against picking an attorney or accountant to receive the power of attorney.

"They are the ones that know how to play the game and work the rules," he said.

Ultimately, Walker said he wished that attorneys and accountants who exercised power of attorney were responsible to some higher authority, such as a social agency, in order to provide checks and balances.

"If you are an attorney, you are not accountable to anyone," he said. "The only way I can see it working is if you have to prepare an accounting and justify it to someone."

A court-appointed conservatorship is a more expensive option, but it does provide a facility for court review and other safeguards.

Finally, if you suspect elder financial abuse but aren't sure, or you are reluctant to involve law enforcement, Merriman-Nai recommends contacting an elder law attorney. The National Academy of Elder Law Attorneys is one place to look for such a specialist.

Become a Red Tape Chronicles Facebook fan and follow RedTapeChron on Twitter.

LifeLock Inc. has been ordered to change its identity theft product by a federal judge who ruled that the firm has engaged in an "unfair business practice."  

The Arizona-based company -- made famous by ads revealing CEO Todd Davis' Social Security number -- was sued by credit bureau Experian last year.  In its lawsuit, Experian said the company was violating the Fair Credit Reporting Act while placing fraud alerts on behalf of LifeLock customers.  U.S. District Judge Andrew Guilford of the Central District of California agreed, and granted a motion for summary judgment last week ordering LifeLock to stop.

LifeLock CEO Todd David said his company would use "all available avenues" to fight the ruling, but argued that its impact on customers would be minimal.

Consumers who fear becoming a victim of identity theft can file a fraud alert with each of the nation's three credit bureaus: Experian, Trans Union, and Equifax.  The fraud alerts act as a flag to banks and other credit granters that they should use extra precaution when offering credit to anyone using that individual's Social Security number.  Generally, credit granters -- such as auto dealerships or retail stores offering credit cards -- are urged to call consumers to verify their identities when a fraud alert is in place.

But the basic alerts last only 90 days unless consumers go to the trouble of reapplying. LifeLock's chief product involved automating the process of renewing the alerts.  LifeLock representatives call the credit bureaus on behalf of consumers and reapply for alerts every 90 days.

Experian objected to this practice, claiming that the Fair Credit Reporting Act requires individuals to apply directly for fraud alerts themselves, making only a very narrow exception for other persons acting on behalf of an individual.  The credit bureau, which complained that LifeLock was abusing its telephone systems, said Congress never intended for companies to file fraud alerts on behalf of individuals. 

Judge Guilford agreed.

"Congress expressly excused Experian and other credit reporting agencies from placing fraud alerts requested by companies like LifeLock," he wrote in his ruling last Tuesday. "The court finds that this is a proper interpretation of the plain meaning of the statute."

The judge also agreed that LifeLock's automated fraud alert filing caused harm to Experian.

"Experian clearly incurs costs each time it must process a fraud alert made by LifeLock. These costs include the costs of allocating Experian's electronic resources and employee time, plus the maintenance costs of Experian's toll-free telephone number and Web page used to accept fraud alert requests," he said. "Experian also incurs postage and printing costs in mailing disclosure letters to each consumer on whose behalf a fraud alert is requested."

Davis said he was surprised by the judge's order, which he said favored credit bureau Experian over consumers.

"I can hire someone to do my taxes," he said.  "There's a similar concept here. ...The idea that they are somehow protecting consumers with this ruling by making them do the work doesn't make sense."

Davis said LifeLock would no longer file fraud alerts with Experian, but would continue to file alerts with Trans Union and Equifax.  Because credit bureaus are required to share alert information, he speculated that LifeLock-filed alerts would end up on Experian's files anyway.

In a statement, Experian said it was "pleased" with the court's ruling.

"This ruling is not just positive for Experian, but for consumers. Experian will continue to work with consumers to provide education and services to assist them with understanding the credit reporting system," it said.

LifeLock's bold advertisements are nearly ubiquitous.  Last January, the company announced it had raised $25.5 million in funding orchestrated by Goldman Sachs Group. Much of the money has gone to advertising, which apparently has paid off. The firm says it has 1.5 million customers now, each paying about $10 per month for the service.

Stop prescreened offers here.
Learn about stopping junk mail here
Get your free credit report here
Add a fraud alert at Experian, Equifax, or Trans Union

The full LifeLock-Experian case is slated to be heard in court during November.  Should LifeLock be ordered permanently out of the fraud alert business, Davis said the firm will continue to provide a slate of other valuable services. LifeLock removes customers from junk mail lists and preapproved credit card offer lists and provides them with copies of their credit reports, he noted. But those services also are available free to consumers who seek them out.

LifeLock also says it will assist victims with identity restoration if they ever become victims of fraud, promising to spend up to $1 million to do so. And it offers a service designed to make life easier for customers who lose their wallets.

When Aaron Marks tried to electronically file his tax return last spring, it was rejected by IRS computers. The reason, according to the agency, was that someone had already filed a return using his Social Security number. Not to worry, an IRS operator told him on the phone, just mail in your tax return and it'll get fixed. "(The agent) acted like there was nothing to panic about," Marks said.

But a year later, the Boston resident still doesn't have his $2,000 tax refund.

About the same time Marks tried to file, IRS officials testified before the Senate Finance Committee about the problem of tax return ID theft. The committee heard horror stories about the ease of filing false tax returns, the criminals who essentially steal citizens' refunds, and about the thousands of Americans who sometimes spend years dealing with the fallout.

For years, tax return scams have been relatively easy to commit. Armed with a Social Security number and the right company tax ID, criminals could file a return and likely get a refund check, as long as they filed before the legitimate SSN user. In fact, many criminals exaggerated deductions or withholding amounts in the returns to get an even bigger refund check, causing further problems for the real taxpayer down the road.

IRS Commissioner Douglas H. Shulman, who had just taken office weeks before the April 11, 2008, hearing, pledged major changes to stem the growing problem. He promised a new identity theft investigation unit within the IRS and a new 1-800 number for victims. He also said the entire agency would be trained to better handle the problem.

"If you say the words 'identity theft,' you'll be sent to a person trained to deal with identity-theft victims," he pledged.

The changes have achieved mixed results.

The IRS launched its new unit, the IRS Identity Protection Specialized Unit. There's a Web site and a toll-free number for victims at 1-800-908-4490 that's staffed 12 hours per day.

Aaron Marks, however, still hasn't received his $2,000 from the 2007 tax year, or, his 2008 stimulus check. And this year, when he tried to electronically file, his return was again rejected. He called the IRS. An agent told him to paper file. He insisted that more action be taken. He demanded a manager. She told him his refund check was sent out last year, but wouldn't tell him where, or even confirm that it wasn't sent to his home address.

"Then she told me to tell the Federal Trade Commission," he said. When he filled out an FTC Identity Theft affidavit, he was then told to get a police report.

"The Boston PD aren't going to know what to do about this," he said. Including his expected refund from this year, Marks figures he's out $4,000 right now. Meanwhile, he figures, a criminal is running around with his tax refund.

"The only reason I found out about this was because I expected money back," he said. "Who knows how big this problem really is?"

The IRS says it knows, and it's miniscule. Spokeswoman Michelle Lamishaw said tax return ID theft hit a tiny fraction of 1 percent of all returns all returns last year.

"It is not what we consider widespread," she said. "But the impact on individuals we take very seriously." Lamishaw said she was unable to discuss Marks' situation because IRS agents are not allowed to publicly discuss any taxpayers' account.

'A huge potential to really address the problem'
Nina Olson runs the National Taxpayer Advocate Service, an agency that helps citizens engaged in entrenched battles with the IRS. A frequent critic of the agency, she gave it relatively high marks for its new identity theft initiatives.

For the first time, she said, the agency has initiated a "flag" to track citizens struggling with identity theft. Even consumers who merely suspect they might suffer tax return fraud -- for example, a victim who lost a wallet -- can now ask the IRS to add such a flag and not send a refund check to a potential imposter. And it has developed "business rules" to help it determine the rightful SSN user when multiple returns are filed, similar to rules used by credit card firms to identify fraudulent credit card transactions, she said.

The agency also has added the ability to proactively inform a citizen if a Social Security number is being used by someone else, she said. The agency has plans to send warning letters to SSN holders, but has not begun. Only recently did it get legal clearance to send such letters, she said.

"The new unit has a huge potential to really address the problem," she said. "The progress in the last year has been enormous."

On the other hand, the National Taxpayer Advocate Service has seen an 88 percent increase in ID theft cases this year over the same period last year. It's unclear if the spike means an increase in crime or merely an increase in awareness, but either way, the problem is still severe, she said.

Last year, there were 24,000 known cases of tax ID theft, and that number severely undercounts the actual number of victims, many whom have yet to discover the problem, she said.

"Those 24,000 taxpayers are spending their lives on the phone. Maybe their wages are being garnished. Maybe they found out because there was a lien," she said. "For those victims the problem is very real. It's often a full-time occupation to fix it."

No faith
It's not clear why Marks' case continues to slip through the cracks. Lamishaw said IRS operators be aware of the agency's ID theft hot line, but speculated that there might be a communications lag because the office is new.

Recently, Marks found his way to the Identity Theft Resource Center Web site, which recommended people in his situation contact the Taxpayer Advocate office. He did so, and said that he spoke to a helpful caseworker who took an interest in his problem and offered to help. He's optimistic, but he's still waiting for his refund.

"My faith in the federal government has been kicked down yet another notch," he said.

Lamishaw, meanwhile, urged victims like Marks to contact the IRS' toll-free ID theft number, even if they've already tried unsuccessfully to resolve the problem earlier.

"We do recommend people give this office a try, even if they were frustrated in the past," she said.

RED TAPE WRESTLING TIPS
There are many ways an identity thief can get a hold of the necessary information and file a tax return in someone else's name. Linda Foley, director of the Identity Theft Resource Center, says some imposters are illegal immigrants using someone's Social Security number in order to get work permission. But there are many other variations on the crime.

"People who don't want criminal histories known, have bad credit reports or may be hiding under another SSN to avoid child support payments," she said. "We get a number of cases like this."

Early detection of tax return ID theft is important to quickly resolving the problem. Watch for any suspicious signs -- the rejection of a return, a surprise bill from the IRS for unpaid taxes, a lengthy delay in refund payment, or even unexpected entries in your annual Social Security earnings statement.

The IRS ID theft fact page is very useful.

At the first sign of a problem, call the IRS Identity Protection Specialized Unit at 1-800-908-4490.
You don't have to wait for a tax problem to warn the IRS that you've been a victim of ID theft, however. If a criminal is using your SSN to open credit accounts or compromise your identity in other ways, consider calling the IRS hotline and asking the agency to flag your account. Lamishaw, the IRS spokeswoman, said that won't prevent a citizen from e-filing or delay refunds, it will just instruct the agency to take a bit more care before mailing out refund checks.

And every taxpayer should know about the National Taxpayers Advocate Service. Dealing with the IRS can be challenging. The advocate's service is designed to help taxpayers who feel they've hit a brick wall in dealing with the agency. Last year, the advocate's office had 275,000 open cases. There are offices in every state in the nation. Click here to find the one for your state.

You're the federal agency charged with protecting consumers. You have a $250 million annual budget, subpoena power and the ability to refer cases to the Justice Department for prosecution. So what do you do when one of America's biggest companies continually flouts the law?

You challenge the company to a joke-off.

At least, that's what the Federal Trade Commission has done. On Tuesday it released two videos that spoof the popular FreeCreditReport.com commercials and their trademark catchy tunes.

The government's ads never mention FreeCreditReport.com by name, but the target is clear.

"Beware of others, there's always a catch," the singer croons in one ad that's a dead-ringer for the FreeCreditReport spot set in a restaurant. "They claim to be free but strings are attached."

FreeCreditReport.com is owned by credit bureau Experian, which has been engaged in a decades-long battle with the Federal Trade Commission over alleged misbehavior. Most recently, in 2005, the FTC settled charges with the firm that it intentionally misled customers with its FreeCreditReport.com Web site. The FTC said in its lawsuit that the company was confusing consumers who were looking for their congressionally mandated free annual peek at their credit reports. Experian agreed to refund customers, but admitted no wrongdoing.

Even after the settlement, it kept right on marketing FreeCreditReport.com, where consumers must sign up for a $15-a-month service in order to get their credit reports. The lead singer in the ads has even become a cult figure on the Web, as my colleague Helen Popkin explained recently.

But the ads are a frequent target for consumer advocates. The Internet -- and my inbox -- is awash with complaints from consumers who were charged unexpectedly by the service, and have difficult canceling to avoid automatic renewal charges.

Consumers who wish to see their credit report for free should visit AnnualCreditReport.com

Experian did not respond to a question about the FTC spoof ads, but issued a statement arguing that consumers who sign up at FreeCreditReport.com receive valuable services.

"While AnnualcreditReport.com provides a free credit report once every 12 months, FreeCreditReport.com provides paying members with continuous access to their credit report and credit score with a paid membership," it said. "It also monitors a consumer's credit report at the three national credit-reporting companies and alerts members via e-mail if key changes are detected, like if a new account is opened in their name, which could help members identify potential identity theft early and take immediate action."

So why is the FTC making jokes instead of enforcing the law?

Nat Wood, a spokesman for the FTC, says the agency must work within "a legal framework." The FTC is actively monitoring Experian's compliance with the 2005 agreement, he said, adding that the agency "does not have the power to take arbitrary actions."

He also said the FTC has another mission: to educate consumers. The videos fit that bill, he said.

"We think education is an important resource and strategy for preventing bad things from happening to consumers," he said.

The ads, which were produced by California-based Aperture Films, are not designed for television. Instead, the FTC hopes they "go viral" and spread over the Internet, Wood said. Similar audio-only versions of the ad are being distributed to radio stations around the country in hope that they will run as free public service announcements.

The FTC is not buying any advertising time for the spoof. "We don't have that kind of budget," Wood said.
Experian spent $70 million dollars on advertising for FreeCreditReport.com in 2007, and even more in 2008, according to TNS Media Intelligence.

Last year, an Experian spokesman told the New York Times that FreeCreditReport ads had run 90,000 times in the previous year.

The FTC ads are hysterical. In a second spot, called "Apartment," the FTC band is playing in a basement apartment with someone's girlfriend cleaning the kitchen in the background, a clear parody of the similar FreeCreditReport spot. In this case, the singer urges consumers to visit AnnualCreditReport.com, then protests:

"All the others charge a fee. Read the fine print and you'll see. … I should know 'cause it happened to me."

The FTC ads will undoubtedly help cut through the "confusion marketing" that helps a company like Experian trick consumers into paying for something that's free, and that makes them an innovative tool for the FTC, and an effort that should be applauded. The agency says it has future video projects in the works.

But it says something eerie about the state of consumer protection in America that the federal agency charged with protecting us has resorted to satire. Given the size of advertising budgets at companies like Experian, I can't imagine the FTC can win a marketing war.

Leave your comment below or visit Newsvine and join the Red Tape Raiders.

Every year, millions of Social Security numbers are "shared" by more than one taxpayer. Government agencies that collect taxes, like the Social Security Administration, spot this immediately. Sometimes it's an innocent mistake; sometimes, it's identity theft. But no one ever tells the victims.

That is, not until now.

A pilot project in Utah aims to warn consumers that someone else is paying state taxes using their Social Security number. Two years in the making, it is believed to be the first such project in the nation. The first "Dear Victim" letters, about 100, started arriving this week.

"We felt as their government that we had a duty to inform the victims so they can take proactive action," said Rich Hamp, assistant attorney general in Utah, who spearheaded the program.

Telling consumers that their Social Security number is being used by someone else might seem a simple proposition. But it's not.

The Utah project began in 2005, when Hamp's office was researching child identity theft. Working with the Utah Department of Workforce Services, which collects state employment taxes, Hamp learned the agency could cross-reference its public assistance data with its employment tax data and find Social Security numbers that were being used to double-dip. The search also unearthed thousands of numbers belonging to children receiving state benefits that were being used by adults earning money and paying taxes. The adults and the kids were essentially sharing Social Security numbers.

Why? There's no way to know without interviewing every victim. But Hamp believes many of those children are victims of identity theft. Many of the imposters, Hamp believes, are illegal immigrants who provide someone else's Social Security number in order to get a job.

It's possible for a victim to "share" a Social Security number with an immigrant and face no ill effects. Many illegal immigrants don't steal credit or do anything else that harms the victim's credit report. But often, they share these numbers with other family members – many victims report they have 5 or 10 imposters. Any one of them may ultimately run into financial or legal trouble that could ultimately be intermingled with the victim's identity. In one extreme example, a Bank of America customer named Margaret Harrison received a debit card with her name, but her immigrant imposter's face.

The problem is widespread. Each year, near 10 million people around the country pay their Social Security taxes using the wrong number, according to the Social Security Administration. In many of these cases, identity sharing – sometimes called SSN-only identity theft – is the cause. While Social Security has never examined the issue in detail, several indicators suggest many of the workers on the list are illegal immigrants, an issue we examined in-depth in "The Secret List of Identity Theft Victims."

$500 billion of earnings in limbo
When someone pays federal taxes using the wrong number, these "no-match" situations are flagged immediately by Social Security. When taxes are paid by a worker who is not the rightful holder of a Social Security number, the government sets the wage credits aside into what's called an "Earnings Suspense File." That file now holds more than $500 billion in uncredited earnings.

But the consumers involved are not notified that their Social Security number is being used by someone else.

Utah officials plan to change that, at least among state residents. Hamp's database merge produced a similar no-match list using available state records. In all, that data coughed up 20,000 numbers that were being used by multiple people, including 4,000 residents under 12 years old.

When the list of "shared" Social Security numbers was developed, the attorney general's office planned to notify children and their parents immediately. But a state law – the Employment Security Act -- stymied their efforts. It actually prevents the Department of Workforce Services from releasing any taxpayer information it collects to the public – even to the rightful owners of the information.

But Hamp and attorney general Mark Shurtleff didn't want to stop there.

"The attorney general's office was uncomfortable that we knew 20,000 individuals whose names and numbers were compromised, and we needed to tell them," Hamp said. So Shurtleff went to state legislators looking for a solution, and earlier this year the Employment Security Act was amended. Now, the agency can disclose Social Security mismatch information to consumers and to law enforcement agencies.

The new law took affect on April 30.

But there were still obstacles to sending out thousands of identity theft warning notices. Chief among them: Who would handle the inevitable flood of phone calls from victims who receive letters indicating they are likely victims of identity theft?

"The question is how do we notify people without clogging everyone's phone lines, without starting panic?" Hamp said.

Random sample, to start
The attorney general's office has set up a special Web site nicknamed IRIS (Identity Theft Reporting System) for victims who receive the letters. It provides necessary forms for them to file police reports and request fraud alerts and credit freezes from the credit reporting agencies.

Still, there were concerns that the "Dear Victim" letters could produce a much more emotional response.

So the Department of Workforce Services has decided to limit its initial letter-writing effort to 100 randomly selected victims, said agency spokesman Mike Richardson.
Agency employees searched for children aged 14 and under with quarterly earnings of $1,000 or more, then manually reviewed their files to pick out the most likely identity theft victims.

"We're doing it in a methodical way, so letters only go out to cases we're most concerned about," he said. The letters will direct victims to register at the IRIS Web site and begin the necessary paperwork.

While some might already know they are victims of identity theft, others likely have no indications they are sharing their identity. Accounts opened by imposters using SSN-only identity theft generally don't show up on credit reports or Social Security wage earning reports.

There is no guarantee that the letter recipients are really victims of identity theft by undocumented workers. Some children might be legitimately working, Richardson said. Some might be in the data by accident. Others might be victims of family identity theft -- parents sometimes use their children's Social Security numbers to shed bad credit reports, for example. Because the letters are going to parents, it's not likely authorities will hear back from those victims. And genuine victims might not react with as much alarm as some are predicting. Still, the agency didn't want to send out 20,000 notices and risk receiving 20,000 phone calls all at once.

"We will see what we get," Richardson said. "If all 100 (respond) and the attorney general's office is overwhelmed, that gives us an idea. If only 2 or 3 come back, then this might be workable."

At any rate, officials in Washington D.C. should watch Utah's effort closely. This experiment in government honesty -- we know you might be a victim, so we'll tell you -- could very well be a model for the Social Security Administration. MSNBC.com will track the Utah program and report back to you on its success or failure.

RED TAPE WRESTLING STRATEGIES:
Consumers who learn they are sharing their Social Security number with another worker have little recourse. They should place fraud alerts or security freezes on their credit reports, even if no illegal activity is apparent. An imposter who uses someone else's number solely for work purposes may one day run into financial trouble and be tempted to commit financial identity theft.

Checking annual Social Security earnings reports for mistakes is a good idea – particularly if you are not getting credit for your earnings. But SSN-only identity theft will not appear on this report, because only wages reported using the correct name and number are credited to your account.

Most consumers discover SSN-only identity theft by accident: A surprise denial when applying for unemployment benefits, for example, or a funny look or question from a bank teller when opening a new account ("Hmm, do you live in San Antonio, Texas?"). That might be a sign someone else has opened an account in your name at your bank or has given an employer your number somewhere else in the country. While these institutions are not legally required to share the bad news they see on their computer screens with you, many tellers and government employees will tell you informally. Don't leave and call a company official later; that official is less likely to be forthcoming.