Feb. 22, 2012 at 1:19 AM ET
Identity thieves have regained the upper hand, suggests a new survey released Wednesday by fraud research firm Javelin Strategy & Research. The firm's annual survey of 5,000 consumers suggests a rise in the rate of ID theft during 2011, reversing a drop in identity-related that was found in last year's survey. The main cause of the new increase: A return to old-fashioned credit card fraud.
"There's been a rebound. … ID thieves have bounced back," said Javelin President James Van Dyke, explaining that meant about 7.7 million Americans were hit with credit and debit card fraud in 2011, or about 2.2 million more than in the previous year.
The survey estimates that 11.6 million Americans were hit by ID theft in 2011, compared to 10.2 million in 2010. Put another way, 4.9 percent of the U.S. adult population -- roughly 1 in 20 adults -- was affected by identity-related fraud last year, compared to 4.35 percent of the population in 2010.Javelin, like the Federal Trade Commission, uses a fairly broad definition for identity theft: any time a transaction occurs using a victim’s name or account information without authorization.
Nearly all the increase can be attributed to sharp rise in credit-card fraud, the survey found. Last year, 2.3 percent of all adults found unauthorized charges on their cards, compared to 1.4 percent in 2010.
A recent rise in credit card fraud has also shown up in previously unpublished research by security firm Gartner. Analyst Avivah Litan shared the data with msnbc.com.
Her survey found that, of all adults who say they've been hit by credit card fraud at some point, 29 percent said the most recent incident had occurred in the 12 months preceding September, when her survey was conducted. That compares to just 18 percent who said the most recent incident hit 13-24 months earlier.
"Our data says the same thing (as the Javelin data)," Litan said. "It is worth noting that increases in fraud rates are even more pronounced on the small business and corporate side, which Javelin didn't survey."
Javelin's 2011 survey is the seventh time the firm has queried American adults looking for ID fraud trends. The survey, which has a maximum margin of error of 1.7 percent, was sponsored by several financial services companies, but Van Dyke said the sponsors weren’t allowed to interfere with the research methodology or the publication of the resulting report.
What would cause a rise in old-fashioned card data theft? Numerous factors, Van Dyke said.
"It's probably partly an issue of where the gains (the banks) had made couldn't be sustained," Van Dyke said. "Also, the economy also plays a part. We've done this long enough to see a correlation between the state of the economy and this kind of fraud."
The recession has made life a bit harder for banks’ back-end fraud prevention systems, too. Some consumers have simply stopped using credit cards, but maintain open accounts. These dormant cards are ripe for fraud. Meanwhile, the recession has also dramatically altered some consumers’ buying patterns, throwing banks’ pattern-recognition efforts off.
There is good news within Javelin's results, however. The rate of new account fraud -- when a criminal uses a victim's personal information and good credit to open up new accounts -- has dropped slightly, according to survey takers. New account fraud is much more of nightmare for victims, and more costly to financial institutions..
"In fact, the overall amount lost to identity fraud is down slightly," Van Dyke said, from an estimated $20 billion to $18 billion.
The survey also hints at some other larger trends in identity security. Smartphone users are about 30 percent more likely to report being hit by ID fraud. Surprisingly, 62 percent say they do not use a screen password to protect their devices.
"People aren't protecting their devices," Van Dyke said.
Some 36 million Americans, or roughly 15 percent of U.S. adults, say they received a data breach notification in 2011 from a company indicating it had lost their personal information. Those who say they received such a notice were more than nine times as likely to also report being fraud victims.
"This is a trend we see spanning four years now, yet we haven't been able to generate any meaningful public awareness around it," Van Dyke said. Many consumers don't even sign up for free credit monitoring services when they are offered by companies that have leaked data, he said.
Even so, more Americans detected ID fraud through electronic monitoring of accounts -- such as through online banking -- than through paper statements, the first time that has happened, according to the survey. Such monitoring leads to earlier detection and lower financial losses for both banks and consumers.
Finally, the survey suggests some connection between active use of social networks and ID theft. Slightly more than 10 percent of LinkedIn users say they were hit (10.1 percent), while 7 percent of Google+ users and 6.3 percent of Twitter users reported being victims -- all three above average. Facebook users, at 5.7 percent, were barely above the national average of 4.9 percent.
Those with public profiles often confessed to being careless with data: 45 percent share their birth date and year; 63 percent shared their high school; 18 percent shared their phone number; and 12 percent shared their pet's name.
"We still have a significant education problem," Van Dyke said. "Consumers are having trouble being able to grasp what is sometimes conflicting advice in the marketplace. In fact, sometimes it’s impossible to follow the patchwork advice they are given."
*Follow Bob Sullivan on Facebook
*Follow Bob Sullivan on Twitter.