Skip to main content /US /US

Expert: Hijackers likely skilled with fake IDs

By Daniel Sieberg

(CNN) -- FBI Director Robert Mueller has acknowledged that some of those behind last week's terror attacks may have stolen the identification of other people, and, according to at least one security expert, it may have been "relatively easy" based on their level of sophistication.

Chris McGoey is a San Francisco, California-based security consultant who has worked with numerous major retailers on combating identity theft. He's seen hundreds of falsified IDs, and while he hasn't seen the ones used by the alleged September 11 hijackers, he offers some insight into how they could have been obtained.

Attack on America
 CNN NewsPass Video 
Agencies reportedly got hijack tips in 1998
Intelligence intercept led to Buffalo suspects
Report cites warnings before 9/11
Timeline: Who Knew What and When?
Interactive: Terror Investigation
Terror Warnings System
Most wanted terrorists
What looks suspicious?
In-Depth: America Remembers
In-Depth: Terror on Tape
In-Depth: How prepared is your city?
On the Scene: Barbara Starr: Al Qaeda hunt expands?
On the Scene: Peter Bergen: Getting al Qaeda to talk

Fake identities can be created in a couple of different ways, he says; the perpetrators could obtain information about an actual person to get duplicate materials, or they could establish a virtual individual from scratch. The latter would be more difficult, says McGoey, since it would require the creation of documents.

According to McGoey, the key information these hijackers would have needed is Social Security numbers (often the unique identifier for business use), driver's license numbers, and date of birth or birth certificates. From there, they could assemble a new identity. Even a person's address or name would help them get started. A passport or visa would be more difficult to forge, says McGoey, but not impossible.

And since state ID such as a driver's license or birth certificate often vary by state or county, he adds, it's almost impossible for service employees to verify the authenticity.

"If you take an L.A. birth certificate to New York, they're probably not going to have a clue as to whether it's official or not," says McGoey.

"Could a common criminal on the street do this stuff? No. They're not sophisticated enough. These (the hijackers) are people who researched, planned and studied. They likely didn't have to go to a forger to do it."

Consumers unaware

In addition to obtaining the necessary documents, these hijackers would have needed to appear confident and collected when showing them, says McGoey.

"If you act like you know what you're doing, you're going to get by eight times out of 10," he says.

According to the Federal Trade Commission (FTC), identity theft crimes have been on the rise in the past year.

Adding to the difficulty for investigators is the fact that most consumers have no idea that their personal information has been misused for more than a year, sometimes more than five years, reads the FTC Web site. The average amount of time before it was noticed is about 14 months.

The FTC recommends that people regularly check their credit record, keep track of all transactions and follow up with creditors if bills do not arrive on time. Also, they suggest that people be aware of when personal information may be shared over a Web site and read all privacy regulations issued by a retailer.

Violations of the Identity Theft Act of 1998 are considered a federal crime and could be investigated by such authorities as the U.S. Secret Service, the FBI, and the U.S. Postal Inspection Service and prosecuted by the Department of Justice. Individual states also have separate legislation.

• Crime Doctor, Chris E. McGoey
• Federal Trade Commission

Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.


Back to the top