The Employment Rights Corner - Labor Law and Posting Compliance.

The St. Petersburg Wage Theft Ordinance: New Notice and Poster Requirements

Monday, June 26, 2017

The City of St. Petersburg, Florida, recently amended its wage theft ordinance to require employers to provide pay notice to employees at the time of hire and to display “in a location accessible to all employees” a poster about wage theft. See St. Pete. Code, Chap. 15, Art. III, Sec. 15-40, et seq. These requirements are not yet in effect. As detailed below, the effective date is on hold pending the completion of a memorandum of understanding by the City, which is engaging a “community-based” organization to “implement the purposes of this article.”

The ordinance defines the term “employee” broadly to mean a “natural person who performs work within the geographic boundaries of the City while being employed by an employer . . .” including “a person who performs work that benefits an employer located within the City even though the employee may have performed work outside of the City.” The ordinance excludes “any bona fide independent contractor,” stating that the term “independent contractor” “shall have the same meaning as in the Internal Revenue Code, Fair Labor Standards Act, and implementing federal regulations, administrative interpretations and guidance” (though “independent contractor” is defined differently by the Internal Revenue Service and U.S. Department of Labor).

Background

On December 15, 2016, the St. Petersburg City Council passed several amendments to the City’s wage theft ordinance. Under Sec. 15-44, there are three new requirements for employers. Employers must provide a “written notice” to employees at time of hire, including a “template summary” summarizing the employee’s rights (available from the City), written notice of changes in pay, and a poster (available from the City). Sec. 15-44(a)-(d). There is also a $500.00 “per violation” penalty for an employer’s failure to adhere to any part of the ordinance. Sec. 15-44(e). The term “violation” is not defined.

Sec. 15-44(a)(1)-(7) provides:

(a) At the time of hiring, an employer shall provide to each employee a written notice, to be signed and dated by the employer and employee, containing the following information:

(1) The rate or rates of pay and basis thereof, whether paid by the hour, shift, day, week, salary, piece, commission, or otherwise, including any rates for overtime, as applicable;

(2) Allowances, if any, claimed as part of the minimum wage, including meal or lodging allowances;

(3) The regular payday designated by the employer;

(4) The name of the employer, including any “doing business as” names used by the employer;

(5) The physical address of the employer’s main office or principal place of business, and a mailing address, if different;

(6) The employer’s telephone number; and

(7) A template summary, available from the City, summarizing the protections and rights of employees pursuant to this article.

The “template summary” is not available at this time and there is no time frame in which it is to be completed.

Sec. 15-44(c) provides:

In addition to providing the written notice required by subsection (a), employers must place in a location accessible to all employees a poster, available from the City, summarizing the protections and rights of employees pursuant to this article.

Sec. 15-44(d) provides:

An employer shall notify his or her employees in writing of any changes to the information set forth in the notice required by subsection (a) within seven (7) calendar days after the time of the changes.

These requirements, however, did not go into effect when the City passed the amendments. According to the amendments, the requirements of Section 15-44 (the notice and poster provisions) “will not become applicable to employers until ninety (90) days after a community-based organization has been selected for the purpose of facilitating implementation of this ordinance.” Sec. 15-47.

Key Takeaways

An official with Pinellas County, who is in charge of administering both the St. Petersburg and Pinellas County ordinances, confirmed to Ogletree Deakins that the “community based organization” has not yet been selected and that there is not yet a “template summary” to provide (referenced in Sec. 15-44(a)(7)).

Pinellas County has requested a “memorandum of understanding” from St. Petersburg regarding the notice and posting requirements. The county does not have any comparable notice or poster. Presumably, this may be a precursor to these requirements being enacted countywide.

The official also noted that the delay in implementation may have to do with personnel changes within the City of St. Petersburg. St. Petersburg has now put Pinellas County in charge of administering the ordinance, because Pinellas County has a similar ordinance (although the County ordinance has no notice or posting requirements).

Finally, the official stated that Pinellas County will likely tweak St. Petersburg’s current form and poster before they are finalized. The official also anticipates that the county will adopt similar notice and posting requirements in the future. Pinellas County refused to provide an estimated time for such actions.

St. Petersburg and/or Pinellas County will probably issue a press release before the requirements are finalized.

For more information or to contact the author please follow the link below:

Rachel A. Morris

Associate

Ms. Morris focuses her practice on representing employers in all aspects of labor and employment litigation and compliance.

 

[email protected]

813-221-7233

www.ogletree.com

4th Circuit’s decision underscores importance of posting employment notice

FosterThomas, Inc -By Kevin C. McCormickVirginia employment law

Most employers know that to fully comply with all the federal and state employment laws, they must post specific employee notices in the workplace. Indeed, many companies specialize in providing state-specific posters that include all of the required notices for each state. Occasionally, however, an employer fails to post a required notice in the workplace and does not realize its mistake until a lawsuit is filed. By then, it is often too late to remedy the problem.

A recent decision from the U.S. 4th Circuit Court of Appeals—which covers Maryland, North Carolina, South Carolina, Virginia and West Virginia—underscores the importance of making sure that required posters are in the appropriate workplace locations and are up to date. Failing to display a poster can result in a court allowing an otherwise time-barred claim to proceed.

Background

Cristina Fernandez Cruz is a citizen of the Philippines, where she lived until 2002. She speaks Tagalog fluently but speaks limited English. In 2001, a friend told Cruz about an opportunity to travel to the United States to work for Nilda J. Maypa, an employee of the World Bank. Cruz submitted a résumé, and Maypa hired her soon after.

About a month later, Maypa faxed Cruz an employment contract that stated that Cruz would be employed as a domestic employee at Maypa’s residence for 2 years at $6.50 per hour. The contract stated that Cruz would work between 35 and 40 hours per week, have at least one full day off each week, accumulate two sick days per year, receive heavily subsidized medical insurance, and receive full compensation for her travel to and from the Philippines.

Cruz reviewed the contract with friends who were more fluent in English. However, before Cruz could sign the agreement, Maypa informed her over the phone that she would pay her only $250 per month rather than the $6.50 per hour specified in the contract. Cruz did not know that U.S. law required that she be paid a significantly higher wage. She signed the contract on January 17, 2002. On March 17, 2002, she left the Philippines and flew to the United States.

Soon after Cruz arrived in Virginia, it became clear that Maypa had misrepresented her working and living conditions. Cruz was required to work 17 to 18 hours per day 7 days per week, and she was expected to remain on call at night. She was not allowed to take a day off during the 6 years she remained under Maypa’s control, even when she was ill.

When Cruz arrived in the United States, eight people lived in Maypa’s house. Cruz was expected to cook, do laundry for the entire family, and clean the four-bedroom, three-bathroom home. She was also expected to provide 24-hour care for four children and maintain the property by mowing the lawn, trimming trees, shoveling snow, cleaning the pool, and performing other landscaping duties.

Although Cruz was initially paid $250 per month, by the time she escaped 6 years later, she was making $450 per month, which amounted to about $15 per day. Maypa executed two contract extensions during Cruz’s employment. Both extensions called for higher wages and benefits Cruz never received.

Maypa told her that the documents were “a formality” to keep her “safe.” Maypa told Cruz that she would be “hunted down,” imprisoned, and deported if she tried to leave. On January 17, 2008, Cruz gathered all the papers she could find related to her employment and immigration status and left.

On July 16, 2013, 5 years after she left, Cruz filed a lawsuit in federal district court seeking compensatory and punitive damages for violations of the Victims of Trafficking and Violence Protection Act (VTVPA) and the Fair Labor Standards Act (FLSA). Maypa asked the court to dismiss Cruz’s claims as time-barred since she filed the lawsuit more than 5 years after she left her employ. The district court granted Maypa’s motion and dismissed the claims. Cruz appealed that decision to the 4th Circuit.

4th Circuit’s decision

On appeal, Cruz argued that her VTVPA claim should be subject to the 10- year statute of limitations that was added to the law in 2008. She also claimed that her FLSA claim should be equitably tolled (extended) since she did not receive a notice of her rights under the FLSA because Maypa never posted the required signage in her home.

In considering Cruz’s claims, the 4th Circuit acknowledged that at the time Maypa allegedly violated the VTVPA, the Act was governed by a 4- year statute of limitations. However, in 2008, Congress amended the VTVPA to include a 10-year statute of limitations. The 4th Circuit found that the longer statute of limitations should retroactively apply to Cruz’s claims.

According to the 4th Circuit, equitable tolling is appropriate in two circumstances: (1) when a plaintiff is prevented from asserting her claims by wrongful conduct on the part of the defendant and (2) when extraordinary circumstances beyond the plaintiff’s control make it impossible for her to file the claims in time. The appellate court found that the district court erred in dismissing Cruz’s claims. Instead, her VTVPA claims were sent back to the district court for discovery (pretrial fact-finding) to determine whether the claims should be equitably tolled.

In addition to her VTVPA claims, Cruz alleged that Maypa willfully violated the FLSA by failing to pay her the required minimum wage. Although the district court applied the correct statute of limitations for willful FLSA violations (3 years instead of the normal 2), it found that Cruz’s claims should not be equitably tolled because she failed to show that there were extraordinary circumstances.

The 4th Circuit disagreed and found that equitable tolling was appropriate in this case. In reaching that conclusion, the court relied on an earlier decision, Vance v. Whirlpool Corp. In that case, the court held that the Age Discrimination in Employment Act’s (ADEA) previous filing requirement should be tolled because of the employer’s failure to post a notice of workers’ rights under the Act.

The notice requirements in the ADEA and the FLSA are almost identical. Both laws require employers to post in a conspicuous place a notice pertaining to the laws’ applicability to ensure that employees protected by the statutes are aware of and are able to assert their rights.

The Vance decision tolled an administrative filing deadline rather than a statute of limitations, but the FLSA lacks an equivalent administrative filing requirement. Thus, like an administrative filing deadline, the FLSA’s deadline to sue is the critical juncture at which an employee’s rights are preserved or lost.

Neither the ADEA nor the FLSA inflicts statutory penalties for failing to comply with the notice requirements. Therefore, absent a tolling rule, employers would have no incentive to post notices since they could hide their violations from employees until any relevant claims expired.

Under the Vance decision, tolling based on a lack of notice continues until the employee retains an attorney or obtains knowledge of her rights. The 4th Circuit sent Cruz’s FLSA claim back to the district court. Since the record did not say when Cruz retained an attorney or obtained knowledge of her rights, the district court should allow discovery to determine whether her FLSA claim was time-barred despite being equitably tolled. Cruz v. Maypa et al, 4th Circuit, No. 13-2363, decided December 1, 2014.

Bottom line

This decision serves as a reminder to make sure that all of the required employment posters are appropriately displayed in your workplace and updated as needed. If that is not done, a disgruntled employee may be given more time than the standard 2 or 3-year statute of limitations to file a claim for FLSA violations.

As the 4th Circuit noted, equitable tolling is appropriate when (1) wrongful conduct on the part of the employer prevents an employee from asserting her claims and (2) extraordinary circumstances beyond the employee’s control make it impossible for her to file the claims on time.

While equitable tolling is available only when an employee has exercised due diligence in preserving her legal rights, courts may be inclined to extend the applicable statute of limitations because of an employer’s failure to post the notice required by the FLSA.

In this case, Cruz’s claims, which were filed five years after she left Maypa’s employ, may very well be considered timely because of her employer’s failure to display the appropriate posters in the workplace. Considering how simple it is to obtain the appropriate poster, this problem can be easily avoided.

Labor Law Posters – The Perils of Too Few or Too Many

By Rebecca Goldberg, Esq. on April 28, 2014

Posted in Employee Benefits, Employer Policies, Wage & Hour

Every employer in the United States must post at least some labor law notices. Many state and federal employment laws come with such a requirement. While different posters are needed for different situations (for example, based on the employer’s size or industry), no employer is exempt from posting at all. It may be obvious that failing to meet all posting requirements can result in legal liability. What is less obvious is that posting inapplicable notices may also result in legal liability – a danger if your company uses an “all-in-one” labor law poster service.

What’s Wrong with Too Many Posters?

Many employers overlook the risks of posting inapplicable labor law posters. Each year, many employers receive offers to purchase a laminated “all-in-one” poster designed to cover all bases. But, one size rarely fits all when it comes to the law. For example, the Family and Medical Leave Act (FMLA) generally applies only to companies with 50 or more employees. If a 20-employee company posts an FMLA poster, could this statement of employee rights bind the company to provide leave to the extent required by that statute? At least one court has held that in the right factual circumstances, an employee may be entitled to take leave akin to FMLA leave.

Another downside to too many posters is the difficulty in navigating employees’ inquiries about their rights. If an employee points to an FMLA poster and asks where to obtain the paperwork for maternity leave, human resources may have the unenviable task of telling her she is not eligible. This can lead to resentment and poor morale.

A third downside is the potential to invite legal action against the company. The National Labor Relations Board (NLRB) made a failed attempt to require employers to post a notice of employees’ rights under the National Labor Relations Act. Courts ruled against the NLRB’s posting requirement and, eventually, the agency abandoned its efforts. Countless employers have posted – and retained – these notices, even though the rule never went into effect and has been formally abandoned. Among other things, this notice tells employees how to file labor law complaints against their employers. Employers that keep this poster are inviting complaints against themselves!

What’s Wrong with Too Few Posters?

Generally, the stated penalty for failing to post a required labor law poster is a relatively small fine. But, the hidden consequences can be much more costly. In some cases, courts have allowed the employer’s failure to post a labor law poster to “equitably toll” an employee’s rights. This means the time period that starts the clock for the statute of limitations may be delayed until the employee learns of the rights outlined in the applicable poster. If it takes years for an employee to become aware of those rights, the employer may be on the hook for additional years of liability – a consequence that can easily add hundreds of thousands of dollars of liability in certain scenarios, such as class action overtime cases.

Having the Right Posters

What should employers do to get it right? This requires research to determine the required postings based on the state, industry, size, and other factors. Like any other labor and employment law question, the best way to get a reliable answer is to consult competent legal counsel. Fortunately, this is usually a quick and inexpensive inquiry. While some lists of required posters can be found on the websites for state and federal departments of labor, these lists are often incomplete because certain postings may be outside the agency’s purview. If we can be of assistance with this or any other workplace issue, please call us.

Identity theft is not just a consumer's problem. It takes businesses and consumers working together to

provide the greatest protection against identity theft. When their customers' personal information is stolen, businesses may not only have legal obligations to help correct the problem, but also may be subject to financial losses themselves.

According to the Better Business Bureau, small businesses typically are not as focused on data security as are larger corporations. Some small business owners believe that locking up their storefront is sufficient protection against theft of important data. Others assume they are better protected than they really are while others may suspect they should be doing more, but do not know how.

The Federal Trade Commission cautions businesses that under the 2003 amendments to the Fair Credit

Reporting Act, identity theft victims are entitled to get from businesses a copy of the application or other business transaction records relating to their identity theft free of charge. Businesses must also provide these records to an investigating law enforcement agency.

Finally, businesses that lose their customers’ information, no matter how that loss occurs, may lose their

most valuable asset, the customers themselves. As more and more consumers become victims of identity theft, they make their choice of where to do business dependent on what privacy protection assurances the business can offer. For all these reasons, businesses can no longer afford to be lax about protecting their customers' personal information – and their own.

If you do not need it, do not collect it

Many businesses collect more information than they need, particularly when asking customers to fill out forms. Consider excluding the address, email and phone number if you need only a name. The social security number is a confidential number that is required only if a customer is earning income (either employment or investment) for tax reporting – it should not be collected otherwise. When you order your next set of forms, eliminate all the information that you do not really need.

Personal information is not for broadcast

Can people standing in line at your office or store overhear others give your staff telephone numbers or

account details? Instruct employees who need to collect personal information to talk in a discreet and

quiet manner. Turn computer screens so they cannot be viewed by anyone other than the operator.

Protect customer cards

When customers are making purchases, ensure that they have sufficient privacy to securely enter their PINs. Place shields on point-of-service terminals and check the terminals regularly to verify that equipment has not been tampered with. Locate security video cameras so that they cannot record the entry of customer PINs.

Be card smart

Staff should verify that customers are who they say they are by checking signatures on cards, and, as appropriate, photo IDs. The Fair and Accurate Credit Transaction Act, requires that debit/credit card numbers are truncated when electronically printing receipts (i.e. does not print more than the last five numbers on the card) and that the card’s expiration date is deleted, to better protect consumers. Do not copy down any card number that you do not need.

If you keep it, secure it

Paper records with personal information should be locked, and computer terminals password protected with strong passwords. Place the computer server(s) in a secure, controlled location, and keep other devices (e.g. back-up CDs or tape drives) locked away. Physically lock up all laptops to prevent thieves from walking away with one. Develop and implement policies about who can take laptops home, what security precautions should be taken when the laptop is away from the business (example – not keeping a laptop in a car whether locked or unlocked), and what access employees have to information while they are offsite. Also develop this same kind of a plan for mobile devices which may store personal or confidential information.

Keep customers and other non-authorized personnel out of private and secure areas.

Instruct employees to save data to network drives when available and not to "C:" hard drives, which are much less secure. Should someone steal the hard drive, information stored on network drives will remain protected. Make sure your network and computers have the latest firewall, virus and malware protection and operating system updates. This helps plug vulnerability gaps that develop as hackers work at new ways to gain access. Secure Wi-Fi networks by making sure they are encrypted and the SSID (Service Set Identifier) is hidden from broadcast by the router or access point.

Consider an alarm system, preferably one monitored by a security company. Your business insurer may be able to assist you with a security assessment of your operations.

Prevent unauthorized photocopying and put photocopiers that are used to copy sensitive information in a secure environment, away from public access. Since a large number of the more current model photocopiers store copied pages on a hard drive, make sure the data is secured or wiped when the copier is traded in or sold to another user.

Screen and train employees

A significant number of identity thefts start with a dishonest employee who gives personal information to an identity thief. To protect your business against internal fraud, consider background checks for employees who have access to personal information. There are companies who can complete these checks (including criminal background, references and education credentials) on your behalf. Consider conducting regular clearance checks for employees in high-risk areas (e.g. with employees' annual performance review) to ensure staff remain free of criminal records.

Make sure staff understands privacy information policies and how to ask customers for personal information, such as not asking for customer personal data in front of others, checking signatures, and keeping customer data under lock and key and in password-protected computer files. All confidential waste, including credit card information and photocopied ID documents must be shredded, preferably with a cross-cut shredder, to prevent dumpster diving.

If information is compromised

Create an action plan now for how to respond to a data breach. If identity thieves strike, or if information goes missing, an action plan will be invaluable in responding quickly to the breach. Fast action can help reduce potential damage, and it may help your business or organization to maintain its good reputation and avoid liability in a civil action.

To respond to a data breach or loss of information, you need to follow two tracks at the same time: investigate the problem internally, and devise a plan for notifying people that a problem has occurred. Determine what information was stolen, when and how it occurred, and what you need to do to ensure that no other data is stolen or lost.

Timing is critical since prompt notification might help prevent identity theft or at least mitigate the damage. If a small number of customers are affected, inform them in writing immediately. If a larger number are affected, you may want to determine a more efficient method for advising potential victims quickly.

You should also notify law enforcement agencies as soon as you are aware that information may have gone missing or has potentially been compromised.

Wisconsin law requires businesses to notify individuals in certain circumstances if their personal information has been lost, stolen or otherwise compromised. For more information on this topic, see our fact sheet entitled “Wisconsin’s Data Breach Notification Law.”

Some types of fraud are set to double this year.

The shiny square EMV chips that started appearing on your credit cards over the last two years were supposed to help prevent credit card fraud. But while the chips do seem to be making a dent in some online crime, financial research firm Aité Group finds, cyber scammers seem to have shifted their efforts elsewhere.

“We are at a period where an impressive amount of data is in the hands of criminals,” said Aité research director Julie Conroy during a recent webinar on fraud prevention. The average cyber criminal isn’t about to go out and get a legitimate job, she points out — and while Aité estimates there will still be about $4.5 billion in fraudulent credit card losses this year, criminals are already shifting to different types of identity theft.

Two scams in particular are surging in frequency, Conroy says.

One is application fraud (also known as new account fraud) — when criminals use fake or stolen documents to open an account in a victim’s name. Such frauds are set to double this year, Conroy says, with expected damage at $1.37 billion.

The other rising problem is account takeover fraud — when thieves use personal information (like an email address) to gain access to an account, then change the password and communication settings to reroute all alerts and updates, essentially locking victims out of their own accounts. Aité says financial institutions are already telling them of a 50% year-over-year increase in account takeover frauds, with an expected total cost of $760 million in 2016.

Complicating the issue is the rising value of identity details. “Criminals are getting a lot more mileage out of compromised credentials,” Conroy says. Access to an Uber account sells for $3.78 on the black market, and a PayPal account with a guaranteed $500 balance goes for $6.43 — but a credit card number is worth a mere $0.22, according to Conroy.

What to Do

To help protect your identity, set up alerts and monitoring — either with your bank or an outside app such as IdentityForce that will let you know if any suspicious activity occurs. Also, keep a close eye on your annual credit report for any new accounts or queries you didn’t initiate.

If you know your identity has been compromised, contact your bank and other financial institutions to have them close any unauthorized accounts or any that have evidence of fraud. Then report the issue to the Federal Trade Commission and contact the three major credit bureaus in order to put a “fraud alert” on your account.

No problems yet? Don’t get complacent, Conroy says — because criminals have “extraordinary patience.” Thieves may have access to your identity long before they actually commit any fraud. In some cases, Conroy warns, students’ identities were stolen while they were in college, but the fraudulent activity occurred years later — when the victims are settled in their careers and have more assets. “We’re not up against a kid in his basement,” she says. “These are organized crime rings.”

ORANGE COUNTY, Fla. - Investigators at the University of Central Florida have identified at least one source of a hack that resulted in more than 200 reports of credit card fraud on campus.

After going through 240 online reports, university officials realized that two on-campus restaurants were consistently listed as places where cards were used before the fraudulent charges showed up.

After additional investigation, officials reported finding malware on the computer systems of AD Food Services, which operates Asian Chao, Huey Magoo’s and Corner Café in the UCF Student Union.

The Secret Service even teamed up with UCF to help fix the problem.

“Now if I buy something, I’m going to keep an eye on my account,” Searia Crea said.

The university instructed AD Food Services to stop taking credit or debit cards for orders until security measures are addressed.

PREVIOUS STORY:

Dozens report fraudulent charges after using credit cards on UCF campus

“Although credit card security is the responsibility of each vendor via their chosen banking relationship, UCF police, business services and the information security office have been working with vendors on campus during the past couple of weeks,” the university said in a news release. “The university instructed vendors to review all of their financial systems and offered the assistance of its technology teams.”

Joseph Lee told Channel 9’s Janine Reyes he recently had fraud on his account, but since he didn’t know where his card was compromised, he said he never filed a report.

“I'm just assuming it happened here. Because I don't use debit cards to get gas. I use credit cards which has the chip in it, and I use debit cards at places that I trust,” Lee said.

Based on results of the investigation so far, UCF officials said it does not appear that any of the fraud originated in university-controlled areas, including class registration, financial aid or housing, or at other vendor locations on campus.

The credit card fraud case is not connected to a cyberattack carried out against UCF earlier in the year, the university said.

Anyone who believes that they have been the victim of credit card fraud should contact the company that issued the card immediately, UCF said.

“If you guys wouldn’t have come up to me, I probably wouldn’t have known,” Sarah Injo said.

Injo said she didn’t know about the credit card fraud until last week.

“I was buying stuff for the hurricane and my card was declined,” Injo said.

The university said it plans to send out an email, but officials have not said when.

© 2016 Cox Media Group.

A Union man and a West Orange woman have been arrested and a third person is being sought for an elaborate identity theft and mortgage fraud scheme that netted them $1 million dollars, Attorney General Christopher S. Porrino announced today.

Artis Hunter, 49, of Union, the alleged ringleader, and Melissa Phillip, 41, of West Orange, were arrested Wednesday on charges of first-degree money laundering, first-degree conspiracy, second-degree identity theft and second-degree theft by deception, Porrino said.

The third man charged, Laquan Jones, 42, of Newark, is being sought on an arrest warrant, Porrino said.

ADVERTISING

inRead invented by Teads

The three arrested and "additional unidentified co-conspirators" used stolen identities to steal more than $930,000 from lenders through at least eight fake loan transactions, including four mortgage loans, three home equity lines of credit and a car loan, Porrino said.

Hunter, Phillip and Jones allegedly used stolen or fake identities not only for the borrowers, but for others, too, to create all of the hallmarks of a legitimate transaction. They used stolen and fake identities for "all of the required roles," including seller, attorneys, settlement agent, title agent, homeowner's insurance company, notary and others, Porrino said.

He said investigators executed search warrants at Hunter's Union home and at another home in Hillside, where they seized computers, phones, additional electronic equipment, documents and other potential evidence.

The applications also included falsified documents — closing documents, wire transfers and title insurance documents — which were supposedly witnessed, prepared or reviewed by people and groups who didn't exist or who had no knowledge of them, Porrino said.

By creating the appearance of a real transaction, Hunter, Phillip and Jones allegedly tricked lenders into processing the applications. Porrino said that with the loans approved, the deceived lenders would deposit the loan proceeds – in amounts ranging from $196,000 to $230,000 for the mortgage loans – to an account opened in the fake or stolen name of a title company or law firm. The trio and other co-conspirators would then make numerous withdrawals — over several weeks or months — from ATMs and banks until the total was withdrawn. Porrino said they withdrew several thousand dollars from various ATMs or banks in a single day. The scheme dates back to at least 2010, he said.

The trio even went so far as to create virtual offices for individuals and businesses purportedly involved in the transactions by setting up phone numbers, email addresses, fax numbers, websites and mail drop addresses, Porrino said.

Porrino said the fraudulent mortgage loan applications related to homes in Franklin Township, Edison, Woodbridge and Franklin Park; the home equity lines of credit were connected to two properties in Elizabeth and one in Plainfield; and the car loan was for a 2012 BMW 3 Series.

"We allege that these defendants were prolific in their criminal scheme, stealing nearly one million dollars from lenders by using stolen or fictitious identities to stage loan closings that were almost entirely illusory," Porrino said. "With these arrests, we've put an end to their costly tricks."

"Mortgage loans are a tempting target for con artists because so much money is at stake and because lenders often conduct loan closings remotely, relying on electronic communications and paper," said Director Elie Honig of the Division of Criminal Justice. "I commend the state and federal investigators who handled this complex case and untangled the web of deception allegedly woven by the defendants."

The charges will be presented to a grand jury for potential indictment. Bail has been set at $500,000 for Hunter and $250,000 for Phillip.

Analysis: How does it happen in the digital age and how can cyber security prevent it ?

With so much information online, identity theft is becoming an increasing danger in cyber space.

Identity theft means somebody taking somebody else's personal information and using it without authorisation for personal gain.

This personal information could include passport numbers, bank details or even information as mundane and seemingly innocuous as a name or date of birth.

Online, data is regularly harvested by cyber criminals through a range of methods. This includes broad brush approaches such as phishing, which can beguile unsuspecting victims into sharing information.

In February, the ThreatMetrix Digital Identity Network was released which analysed over 15 billion transactions in real time over the previous 12 months. It noted a 40 percent increase in fraudulent transactions and cybercrime activity specifically targeting the financial industry.

Part of this activity involves bots, which are software applications that run automated tasks over the internet perform simple and repetitive tasks much quicker than a human could. They are used to take potential user credentials and then repeatedly test them against different accounts, verifying their validity.

The ultimate value of this information is that it provides access to financial assets online. However, information can also be fed back into new phishing attacks that target a broader range of contacts, with personal information deployed to make a phishing email more convincing.

Many cyber security companies are attempting to address this fundamental problem with identity in the digital era. Since consumers are often more concerned with the convenience of a transaction than they are with its security, an approach needs to be found that balances these two factors.

This means that ways of verifying identity that use new sources of information such as location or biometrics are seeing increasing usage.

For example, if somebody has a bank account code but is unable to submit a correct fingerprint then they might be prevented from completing a certain transaction.

Another example might be using the location capability of a smartphone to check whether an access request is coming from an unusual location where a particular person doesn't normally travel.

Overall, identity theft may seem like more of a possibility in the digital age, but more and more ways of mitigating it are being developed.

Colorado Springs police hope arrest of 7 shuts down identity theft ring

Thieves allegedly printed fraudulent checks and driver's licenses after stealing mail

By Kaitlin Durbin

The Gazette

POSTED: 05/10/2016 11:39:07 AM MDT1 COMMENT

UPDATED: 05/10/2016 12:14:17 PM MDT

COLORADO SPRINGS — Police hope the arrest of seven people last week will shut down a major mail theft ring spanning five counties.

Misty Peterson, 28, Joey Bobbitt, 29, Sabrina Banales, 48, Doneice Cyprian, 40, Desere Sutton, 26, Lauren Tuggle, 25, and Joshua Kenyon, 37, were arrested Friday following a "complicated" month-long investigation, said Colorado Springs police spokesman Sgt. Joel Kern.

The seven are suspected of being part of "one concerted ring" that printed fraudulent checks and driver's licenses, stole mail from mailboxes and burglarized homes to access protected information, Kern said.

More than 100 potential victims have been identified across El Paso, Teller, Douglas, Elbert and Arapahoe counties, police said. Kern said people who have had mail stolen should immediately report that to credit fraud agencies.