When we left my credit report story I had a credit score of 618 out of 710 and what I thought was a store card that had just gone into early arrears, which wasn’t even mine, but which I had disputed with noddle.co.uk. This is how it played out.
In October 2016 I received a letter from noddle stating:
So just who is this Shop Direct Finance Company Ltd? Well it turns out they own very.co.uk, littlewoods.com and a few others. They also have a dedicated identity theft team. The first question I’m asking myself after finding this detail is if you need a dedicated identity theft team maybe as a company you need to improve your security... Just in case it ever happens to a reader the phone number to contact the identity theft team is 0800 0151 290.
A phone call had me quickly talking to a very helpful and efficient lady who was well rehearsed in what to do. There was no challenge and she suggested that somebody had found out my name (that’s pretty easy to do), an old address (that’s also pretty easy to do) and my date of birth (that’s more difficult to do as I don’t publicise that anywhere but I know plenty who publish theirs flippantly). Armed with only those 3 pieces of information they’d been able to apparently open an account in my name and had been able to start defrauding me. All I could think about was how difficult it is for me to open something like a new savings account and in some other part of the financial services world I can be defrauded with three pretty trivial pieces of information.
The helpful lady advised me that the matter would be dealt with quickly and a few days later I received a letter from Shop Direct Finance Company Ltd stating:
I have logged into my credit report this morning and I can confirm I’ve successfully repaired my credit score. It is now 663 out of 710 which is higher than the 618 I started with. It’s also better than the average of the area I live in which is 616 and the UK as a whole which is 611. So that saga is over with.
So what have I learnt from all of this? I am actually shocked at how little information is required to defraud somebody in the modern day and also how little security some organisations must have. Then even when they have vulnerabilities, as an outsider looking in of course, rather than make it more difficult they just make it easy for the defrauded punter to fix the fraud.
I am very protective of my personal details and because of this up until now have never worried too much about being defrauded. Looking back I am so glad that I signed up for my credit score and I’ll now continue to check it periodically. Not because I want to be able to take on debt but instead because it’s one way to check if you are being defrauded allowing you to do something about it before it gets out of hand.
As always DYOR.
Click to enlarge, My credit score and credit rating in September 2016
In October 2016 I received a letter from noddle stating:
“Further to our previous correspondence about case referenceWhile I was waiting for that response those early arrears became sustained arrears resulting in my credit rating falling from 618 to 572 out of 710., we can confirm that Shop Direct Finance Company Ltd has not supplied a response to the dispute raised on your behalf. Callcredit [this is noddle] is unable to amend an entry without the permission of the organisation responsible for supplying it and as a result, we cannot assist you further with this dispute. We would advise you to contact Shop Direct Finance Company Ltd [the store card] directly in order to discuss this matter...”
Click to enlarge, My credit score in October 2016
So just who is this Shop Direct Finance Company Ltd? Well it turns out they own very.co.uk, littlewoods.com and a few others. They also have a dedicated identity theft team. The first question I’m asking myself after finding this detail is if you need a dedicated identity theft team maybe as a company you need to improve your security... Just in case it ever happens to a reader the phone number to contact the identity theft team is 0800 0151 290.
A phone call had me quickly talking to a very helpful and efficient lady who was well rehearsed in what to do. There was no challenge and she suggested that somebody had found out my name (that’s pretty easy to do), an old address (that’s also pretty easy to do) and my date of birth (that’s more difficult to do as I don’t publicise that anywhere but I know plenty who publish theirs flippantly). Armed with only those 3 pieces of information they’d been able to apparently open an account in my name and had been able to start defrauding me. All I could think about was how difficult it is for me to open something like a new savings account and in some other part of the financial services world I can be defrauded with three pretty trivial pieces of information.
The helpful lady advised me that the matter would be dealt with quickly and a few days later I received a letter from Shop Direct Finance Company Ltd stating:
“After a thorough investigation I can confirm your name and/or address details have been used fraudulently to obtain products from Very. I have closed the account(s) and requested for credit reference agencies to remove any related information to ensure that your credit rating is not affected in the future...”At the time of the call the helpful lady also offered to register me with CIFAS which will offer me some increased fraud protection going forwards.
I have logged into my credit report this morning and I can confirm I’ve successfully repaired my credit score. It is now 663 out of 710 which is higher than the 618 I started with. It’s also better than the average of the area I live in which is 616 and the UK as a whole which is 611. So that saga is over with.
Click to enlarge, My credit score in February 2017
So what have I learnt from all of this? I am actually shocked at how little information is required to defraud somebody in the modern day and also how little security some organisations must have. Then even when they have vulnerabilities, as an outsider looking in of course, rather than make it more difficult they just make it easy for the defrauded punter to fix the fraud.
I am very protective of my personal details and because of this up until now have never worried too much about being defrauded. Looking back I am so glad that I signed up for my credit score and I’ll now continue to check it periodically. Not because I want to be able to take on debt but instead because it’s one way to check if you are being defrauded allowing you to do something about it before it gets out of hand.
As always DYOR.
A couple of points related to your scenario ...
ReplyDelete1) there are a number of credit ref companies now incl noddle, clearscore plus the main companies
- How does one reconcile the various scores from each as the numerical value varies so much? Eg noddle score is not same as clearscore
- Where do they get/how calculate the scores?
2) The UK should make monthly reports free of charge from all companies for anyone interested to counter fraud
In answer to your first question I don't think you can but I also don't think it really matters. I can't see why if you get a good score with one you won't with the other. Similarly, poor, average etc.
DeleteIn answer to your second question Noddle is certainly free provided you don't succumb to any of their up-sell offers. I also understand the three main providers - Equifax, Experian and Callcredit (who Noddle is part of) - have to provide you with a Statutory Credit Report for a fee of £2 if requested. So £6 would cover off your requirement.
So was the only indicator that you were subject to identity theft your credit score? Nothing else odd occured? Very scary. I think I ought to check mine now.
ReplyDeleteThere is a hint of cognitive dissonance in publicly blogging about your explicit net worth and a strong desire for anonymity
Yes, it was the only indicator. Apparently a package was sent to my home which I never saw but anybody would have easily had time to take a package while I was at work given they'd know when it would arrive. I would guess as the problem became worse and worse (more sales, eventual card hold, lack of payments) I'd eventually have found out even if it was debt collectors banging on the door eventually. I found out when the problem was small as it was only a couple of months old which meant it was actually pretty easily dealt with.
DeleteRe the cognitive dissonance. You're of course right but the accountability benefit and learnings that have been had over the years by blogging have in a way made that net worth. Given the positivity of the journey I also now feel a public duty to try and spread the word to anybody who wants to listen. Thus the book which has spread the message a little wider. I also do my best to maintain my anonymity and I never reveal data that I believe could be used for fraud.
well rather fortuitously, I noticed in the MSE email that martin has started the MSE credit club. Signed up and it was pretty interesting to see all the info on me. I can report a healthy (experian) score of 999. I don't think it goes any higher so I'm pretty sure I'm not being defrauded
DeleteCIFAs registration will mark your credit record so that most likely any applications you make that need to check for identity (e.g. Buy insurance) or check for credit (e.g get a mobile phone) will be subject to a more thorough check. I fear that this means manual checks and I fear that means "declined" in most scenarios where manual and thorough means expensive for the merchant. What has been your experience? Do you now find routine events are referring for manual review and causing inconvenience?
ReplyDeleteFor people who know where to look, obtaining anyone's date of birth is almost trivial. Likewise with other information that is typically believed to be "secret", such as mother's maiden names.
ReplyDeleteThe public should be aware of how easy it is to get this information, and financial companies should be relying on much, much more data to verify their customers. Bookmakers have the right idea, requiring scans of passports and posted bills to approve users, particularly those looking to make withdrawals from online betting accounts.
Hello, hello.
ReplyDelete"3.46 Qualifying recognised overseas pension schemes (QROPS): introduction of transfer charge – The government will introduce a 25% charge on transfers to QROPS. This charge is targeted at those seeking to reduce the tax payable by moving their pension wealth to another jurisdiction. Exceptions will apply to the charge allowing transfers to be made tax-free where people have a genuine need to transfer their pension, including when the individual and the pension are both located within the European Economic Area."