The other day I was watching Kitboga mess with some scammers who were trying to convince him that his information was exposed. Playing an old lady, he went on to exclaim that he was scared his identity would be stolen to obtain library cards used to check out books that would not be returned. I smiled at the absurdity of this, but then got to thinking...could identity fraud be used against libraries?
At one point in college, I was a student librarian. Apart from helping people find and check out books, there was reshelving to deal with. I didn't memorize the Dewey Decimal system, but I certainly had to navigate it. New books would have to be cataloged, with clear film being added for protection. As a project, I had to move thousands of old musty books from one library annex to another. This was terrible for allergies but it gave me work through a summer. That summarizes my illustrious career in a library (and obviously gives me all the credentials needed to speak on the topic [sarcasm]).
Back to the fraud, how simple would this be? For one, it would vary from library to library. Would one need a person's actual identity, or could a synthetic be used? How many books or other resources could be checked out at one time? What would have to happen to the materials to be able to sell them second hand (remove library tags, barcodes, etc.)?
Granted this could be lowered dollar fraud and a hassle to execute, especially because many library systems are city or county based. The perp would only be able to exploit the identity one time per library chain. The fraudster would need to target high dollar resources that could be sold at secondhand bookstores or online. This would take research; regardless, it wouldn't typically be a lot per book or resource, especially if selling the stolen goods at a secondhand store.
There is a chance that the payout would be worth the hassle though. A lot of this depends on the library's policy and collection of higher dollar items.
Let's say that the policy starts off with the requirement of a valid driver's license to obtain a library card. Assuming it was only a visual inspection of the ID, the perpetrator would be wide open to use a stolen or synthetic identity. A fake ID would suffice for this.
Check out times & item limits would need to be reviewed and understood. Books have a higher time and item limit than electronic based items. For obvious reasons, the fraudster would not care about electronic resources that could be downloaded (unless there was an additional attack to bootleg).
Looking up a few different library systems, checkout limits ranged from 25-200 books and 7-25 CD/DVDs at a time. In a coordinated attack, these limits would be used to their fullest.
So let's say the limit is 100 books and 10 CD/DVDs. At $10 per book and $5 per DVD/CD, that would be $1,050 in the used market. It isn't a ton of money in fraud considering the amount of time and physical work involved. But what if a book was rare? A first or special edition?
A brief Google search of 'most expensive books' shows an original of E.B. White's Charlotte's Web goes for just under $3,000. A few higher dollar items within the 100 limit could substantially add to the payout.
Once limits were reached the fraudster could ghost the library and move on to the next one, selling off the thieved books in the process.
Fraudsters & Fines
For those who don't know, those committing fraud don't really care about fines. This is especially true for those involved in identity fraud. So, the fines would stack up before the fake accounts were assessed the fee of the book. With a daily fine of .10 per item per day, the 100 outstanding books would accumulate $300 per month. It could take a few months for a charge off to take place and the library could assess the cost of the book in the process. $1,000 charged off that the library would never see. And once again, the fraudster does not care.
As funny as this hypothetical fraud seems, the reality is that it would be a feasible avenue of attack for bookworm fraudsters if other opportunities dried up. To counter something like this, the library systems would need to adopt better onboarding of borrowers. Some of this could be the case today, but it would differ from organization to organization. Hopefully it is something that will not affect libraries anytime soon.
Comments