On New Year’s Eve, 23-year-old Dalton Tannehill started chatting on Grindr with a man who called himself “James” and claimed to be a sugar daddy who could help him with his credit card debt. After some convincing, Tannehill gave James his bank login and Social Security number. But the sugar daddy turned out to be a scammer. When Tannehill realized what had happened, he contacted his bank and tried to file an identity theft report with the Federal Trade Commission. But because of the partial government shutdown, which has so far lasted 19 days, he can’t.
Tannehill isn’t alone: Others are saying that they can’t properly report their identity thefts because of the shutdown, either. The delay is exposing people impacted by fraud during the shutdown to the risk of even more theft, as well as a more complicated process when they are able to start getting their financial records in order.
Tannehill’s story about getting scammed isn’t unusual. Scammers target victims in many ingenious ways, including catfishing lonely people on the internet and extracting their money, setting up fake celebrity accounts to convince fans to send bitcoin, and even stealing their own kids’ identities.
Fake sugar daddy schemes, like the one that targeted Tannehill, are increasingly popping up on the gay dating app Grindr. The accounts entice unsuspecting users to hand over personal information, open new lines of credit, and purchase thousands of dollars' worth of gift cards.
Tannehill said his bank described his setup as “the newest scam” when he called to report it.
Via text message, James, the fake sugar daddy, promised to pay Tannehill’s bills and requested his credit score. When Tannehill said he couldn’t produce a screenshot of his credit report, James said, “I’m gonna be taking care of all your responsibilities from now on baby” and asked for Tannehill’s Social Security number. To win his trust, James asked for his bank account information and transferred $2,480 to cover Tannehill’s outstanding credit card debt. “Before the payment was processed, I was obviously suspicious ... and when [it processed], I felt, 'Okay, good. This is legit. I actually have a real and legitimate sugar daddy!'” Tannehill said.
That’s why Tannehill did what James asked and applied for multiple credit cards. “I felt he did me this favor — I might as well spend at least $1,000 to be paid back again. No worries, I assumed, since the payment went through the first time,” he said.
Walmart was one of the retailers that approved Tannehill, so at James’ urging, he purchased $1,000 worth of Google Play Store gift cards using the new line of credit. James asked Tannehill to send him the codes on the back of the gift cards, which James said he'd pay him back for. After Tannehill obliged, James immediately requested more gift cards. Tannehill said the request “reeked of sketchiness,” but the $2,480 transfer made him believe James was the real deal.
When James suddenly became agitated and started sending multiple texts when he wouldn’t respond fast enough, Tannehill ultimately suspected he had been scammed.
The next day, Tannehill blocked James’ phone number. In bank documents reviewed by BuzzFeed News, James’ $2,480 transfer was retracted from Tannehill’s account days later.
“I just realized I needed to block him and cut off all communication, and report this as soon as I possibly could, whenever this shutdown ends, or any other way,” Tannehill told BuzzFeed News.
Identity theft is serious: Perpetrators can use someone’s personal information to open new credit cards or accounts in their name, make unauthorized purchases, or steal their tax refund.
According to the FTC, identity theft was the second-most-reported consumer complaint in 2017. Credit card fraud, the most common type of identity theft reported by consumers, went up 23% from the previous year. Last year’s numerous data breaches further emphasized how millions of people in the US are vulnerable to identity theft — but right now, the federal agencies that help them deal with this are closed down.
On its website, which is still accessible, the Federal Trade Commission, the government’s consumer protection agency, points victims of identity theft to two websites: IdentityTheft.gov and FTC.gov/complaint. Instead of resources and reporting tools for fraud, visitors will find a notice that states, "Due to the government shutdown, we are unable to offer this website service at this time. We will resume normal operations when the government is funded."
People are not only frustrated, but they’re also exposed to more risk the longer it takes to report their identity theft, said Hotspot Shield cybersecurity analyst Robert Siciliano.
“In general, when there is a claim, say, a new card opens under victim’s name, the retailer or bank doesn’t initially believe that the victim is, in fact, the victim. They’re inclined to think that victim is trying to skirt responsibility. Having government-issued documentation gives the victim the basis to file a claim,” Siciliano told BuzzFeed News.
IdentityTheft.gov provided victims with that necessary government-issued documentation. The site allowed victims to create an FTC identity theft report by completing an online form or calling a hotline (1-877-438-4338), both of which are inaccessible due to the shutdown.
It’s not just the FTC: The IRS is also shut down, preventing victims from requesting a personal identification number that would deter fraudulent tax refunds.
IRS form #14039 is an identity theft affidavit used to inform the IRS that someone stole your identity. The IRS will then generate an identity protection personal identification number, designed to add another layer of protection, every year. That PIN is used to file tax returns, which cannot be submitted to the IRS without it. Because the agency is shut down, victims can’t verify or apply for identity protection PINs.
“This opens the door for a criminal to dive deeper into the victim’s identity and cause more financial loss, which in the long run will result in more time expended in cleaning up the mess,“ Siciliano said.
If your identity has been stolen, here’s what you can do during the shutdown.
You can view a list of steps on the Web Archive for what to do immediately after discovering your identity theft. As advised by the FTC, new victims impacted during the shutdown should place a fraud alert with each credit bureau: Experian, TransUnion, and Equifax. Additionally, Siciliano recommends people contact their state attorney general: “They’re in the best position to work on your behalf.”
But, above all, Siciliano advises victims and potential victims to be persistent: “Maintain all documentation. Make whatever phone calls you need to make. Contact your bank or the companies you need to contact. Do whatever you can.”