Mail theft
January-February 2021

The sudden interest in mail theft

By James Hu
Assistant District Attorney in Harris County

We live in an age when we can tell our cell phones to tell our speakers to turn on our TVs, and then tell our TVs to tell a robot vacuum to clean the living room. In this context, physically dashing up to a mailbox and grabbing envelopes out of it sounds a little antiquated. However, mail theft appears to be a fairly straightforward, low-tech method to obtain private information without having to figure out how to scour the dark web for places to purchase other people’s identities. 

            With increasing frequency, I find myself on the phone with the United States Postal Inspection Service (USPIS) linking facts together from multiple mail theft incidents to formulate probable cause for search and arrest warrants.[1] With increasing frequency, I find myself on the phone with various Harris County agencies inquiring about use of the new mail theft statute.[2] Ultimately, these types of cases boil down to three questions: 

            1) How are the suspects getting the mail?

            2) What are they doing with it?

            3) What can prosecutors do about mail theft?

I will attempt to address these questions in this article using some real-life investigations and case examples I have seen.

Getting the mail

Does mail theft ever get violent? Sure, it does. Our office has filed aggravated robberies in which postal carriers are robbed at gunpoint. What typically becomes apparent is that a good number of these robberies are related to a larger scheme. Certainly, there are robbers out there pointing guns at postal carriers just to steal 12-pack boxes of Poo-Pourri straight from the postal truck (true story). However, the big-ticket item mail robbers want is a mail key—specifically, what’s called an arrow key. These are essentially universal keys to open those blue mailboxes sitting out in the open around town where kids drop their letters to Santa. It also opens the cluster/panel mailboxes in subdivisions and apartment complexes for both incoming and outgoing mail. I have also been told of cases where postal carriers provide arrow keys to mail thieves as well.

            Once the arrow key has been secured, the suspect may have the key duplicated. These copies are then distributed to various groups of mail thieves. Once mail thieves have arrow keys, their job just got a whole lot easier. Mail thieves generally travel around in groups of three or four, where someone will drive the car and a couple others hop out and quickly gather as much mail as they can from a box or complex. 

What thieves do with stolen mail

I have reviewed a number of search warrants to get into hotel or motel rooms in the deep of night on suspicion of stolen mail. Imagine this (very real) scene: Officers receive a report that an entire cluster mailbox unit has been stolen from an apartment complex (the thieves must not have been able to get a postal key). Three hours later, someone is wheeling a giant box, covered with a sheet, through a hotel lobby and checks into a room. That guest then comes out of his room without the covered box and tells the manager that he will be gone for a couple of days but will remain checked in. 

            As soon as the guest leaves, the hotel manager gets suspicious there may be an animal caged inside the room. The manager lets himself in to make sure there isn’t a secret lion waiting to shred his hotel staff. Lo and behold, he finds a mailbox unit and stolen mail strewn around the room and stuffed into trash bags.

            Rifled mail scattered through a hotel room is a common scene for investigators to come across; it is just as common to also find laptops and the printers for making fake driver’s licenses. Stolen mail is the raw material necessary to fuel a fraud operation.

            What are offenders looking for when they’re rifling through bags of mail? Anything with identifying information, such as names, dates of birth, Social Security numbers, driver’s license numbers, and the like. A whole lot of information is already on the internet for fraudsters to find, but when they combine it with what they discover in the mail, thieves can use the identifiers to create entire identities. With these identities, fraudsters can open bank accounts or access existing bank accounts, obtain loans through new credit lines, apply for new credit cards, and even obtain a loan to purchase a vehicle at a dealership (as long as they fabricate the fake ID to accompany the stolen Social Security number they are providing to the dealership). The possibilities are endless. 

            Another classic vein of fraud associated with mail theft is check forgeries. In the simplest scheme, mail thieves steal checks out of the mail and create fake IDs to match the names on the stolen checks. The thieves then cash the checks at local check-cashing businesses. In another slightly more labor-intensive scheme, suspects steal checks out of the mail, wash them, and write in their own names on the payee line to either deposit or cash.

            More recently, I have come across a bank fraud scheme in which suspects recruit young people looking to make a quick buck to deposit washed checks into the youngsters’ bank accounts. The youngsters then withdraw the deposited amount in cash, give most of it to the suspects, and keep a small kickback for themselves. This scheme allows bank fraud suspects to avoid being seen on bank surveillance while the youngsters take the heat from law enforcement for depositing stolen checks. 

            Postal inspectors may ultimately connect the suspects in this scheme through a traffic stop and phone dump. For instance, just after midnight one evening, a vehicle is seen pulling out of a post office parking lot, and officers make a traffic stop for failing to signal a turn. Officers then smell marijuana as they walk up to the vehicle and ask the driver to step out. As the driver does, officers hear the jingle and clank of a couple of keys falling to the ground. You guessed it, arrow keys. Inside the vehicle, officers find a trash bag full of stolen mail yet to be processed by the post office. The postal inspectors interview this suspect, dump his phone, and ultimately connect him to a bank fraud scheme using what is found on the phone.

            Postal inspectors often get involved in state investigations when local law enforcement agencies encounter stolen mail or fraud associated with stolen mail. In the above example, as soon as the officer conducting the traffic stop identified the arrow keys and a large bag of stolen mail, he contacted a postal inspector who made the scene.  USPIS has broad jurisdiction in the types of cases they handle, and in Harris County, they have been involved in investigations ranging from mail theft to murder. Most often, we see state charges filed by postal inspectors related to fraud, identity theft, and aggravated robberies of postal carriers.

What can prosecutors do about mail theft?

For the most part, existing fraud statutes give us a pretty good toolbox to work with for charging mail fraudsters. The mail theft statute is a relatively new tool, but in practice, it is not terribly useful for fraud purposes. Section 31.20 is the newest addition to Penal Code Chapter 31. This chapter covers theft offenses, and the mail theft statute became effective September 1, 2019. Section 31.20(b) states, “A person commits an offense if the person intentionally appropriates mail from another person’s mailbox or premises without the effective consent of the addressee and with the intent to deprive that addressee of the mail.” Subsection (c) then lists the number of addressees who must be deprived of their mail to reach each punishment range. Section 31.20(d) lays out the enhanced punishment ranges should the defendant be caught with identifying information and the defendant intended to commit Fraudulent Use of Identifying Information. Chances are, if the facts are available for §31.20(d), then a higher charge for Fraudulent Use or Possession of Identifying Information could also be available.[3] By the time investigators find identifying information within the stolen mail and facts show that the suspect intended to commit fraud, it is likely the mail has already been opened. At this point, it is likely that the mail thieves are in possession of more than just a few pieces of identifying information. Read on, and I will explain the basics of the Fraudulent Use or Possession of Identifying Information charge.

            It would appear that §31.20 was created with an eye toward porch pirates and thus, in practice, it is not often used in fraud-related cases. Prosecutors have always been told mail theft is a federal charge and yes, USPIS does file a large number of these cases with the U.S. Attorney’s Office. However, there are instances in which the USAO declines charges, and we end up filing state charges instead. State charges are often filed more quickly, and local prosecutors can file charges to get defendants into custody (or on bond conditions) while federal investigators finish their investigations to file federally. 

            Rarely do I file fraud charges under §31.20, as the majority of fraud cases fall within some flavor of Chapter 32 (Fraud) or Chapter 37 (Perjury or Other Falsification) of the Texas Penal Code. Ultimately, the goal of these offenders is to steal identities and profit from doing so. The most common charge we see is Fraudulent Use or Possession of Identifying Information under §32.51. When suspects are caught with trash bags or rooms full of stolen mail, we quickly get to a first-degree charge, which requires more than 50 pieces of identifying information. 

            Getting to 50-plus pieces of identifying information is not as daunting as it sounds. Section 32.51 defines identifying information as:

            1) name and date of birth;

            2) unique biometric data, including a person’s fingerprint, voice print, or retina or iris image;

            3) unique electronic identification number, address, routing code, or financial institution account number;

            4) telecommunication identifying information or access device; and

            5) Social Security number or other government-issued identification number.

            Each of these options counts as one piece of identifying information. As an example, one fake driver’s license and a stolen check (a common combination) containing information for one victim could potentially yield three pieces of identifying information: 1) name and date of birth on the fake DL, 2) government-issued identification number on the fake DL, and 3) the bank account number on the stolen check. The takeaway under §32.51 is that we are looking for the number of stolen pieces of identifying information, not the number of victims or identities.

            When evaluating charges in these types of mail theft fraud schemes, consider the possibility of filing Engaging in Organized Criminal Activity (EOCA).[4] I have not yet seen a case where any defendant acted alone in this type of scheme. More often than not, it takes more than one person to steal the mail, make fake IDs, cash checks, apply for loans, apply for credit cards, make counterfeit credit cards, etc. In short, if you can prove that three or more people worked together to profit from an ongoing ID theft scheme, then consider filing an EOCA. Currently, §71.02 lists theft as a charge that qualifies for the EOCA statute. Notably, Chapter 31, the theft chapter, is not entirely incorporated under offenses that qualify for EOCA, and §71.02 does not explicitly list “mail theft” anywhere as a qualifying charge. On the other hand, Fraudulent Use or Possession of Identifying Information is certainly one of the charges available as an underlying charge to EOCA, and filing the EOCA bumps the degree of charge up one category.[5] Therefore, in an EOCA charge with an underlying first-degree ID theft case, a defendant without criminal history would be looking at a punishment range of 15 years to life or 99 years confinement in prison without the possibility of probation. This charge provides significant plea-bargaining power on our end and may incentivize defendants to give up bigger fish in the scheme. 

Other common charges

I am not saying that every one of these cases is going to end up in a 15-to-life EOCA charge—most will not include surveillance video of three suspects stealing vans full of mail and getting caught in a hotel room with an ID-manufacturing operation. In all likelihood, law enforcement will catch suspects at different stages of the schemes, and prosecutors are stuck with what evidence they recover at the time. 

            If a thief has stolen mail from a mailbox but has not yet rifled through it and all mail is intact, then perhaps the best charge is mail theft under §31.20. If the mail is unopened and sealed, investigators cannot ascertain what identifying information was in the possession of the mail thief, and the unopened mail is ultimately returned to the addressees. This may be the only scenario where we have actually used the mail theft statute.

            If a mail thief is caught at the stage of cashing a stolen check with a fake driver’s license, then perhaps the best charges available would be Tampering with a Governmental Record,[6] Fraudulent Use of Identifying Information,[7] and Forgery.[8]

            If a mail thief is caught purchasing a car with a fake driver’s license and provides a victim’s identifying information on the dealership loan application, then the defendant could be facing Tampering with a Governmental Record, Fraudulent Use of Identifying Information, and False Statement to Obtain Credit. False Statement to Obtain Credit is charged with a value ladder to determine the degree of charge, just like theft.[9] Depending on how flashy the ID thief is, it is easy to get to a third-degree felony or higher if the value of the vehicle is at least $30,000. Any time a mail thief provides stolen information to apply for a loan, False Statement to Obtain Credit should be considered. These cases get a little trickier when defendants apply for loans online, so be on the lookout for identity issues. Defendants may claim that another individual was actually the one who applied for the loan using the defendant’s identity, so proving that a particular defendant was the one who applied for a loan online could certainly become problematic without IP addresses to help locate the subscriber. 

            Finally, one growing trend is charging defendants with Fraudulent Use or Possession of Credit or Debit Card Information.[10] Like Mail Theft, this relatively new charge became effective September 1, 2019. It works similarly to Fraudulent Use or Possession of Identifying Information; however, each re-encoded or counterfeit credit card is counted as one piece of information. For example, if officers bust a room full of mail thieves re-encoding credit cards with stolen credit card information, then each counterfeit credit card counts toward getting to a higher charge pursuant to §32.315. If there are 50 credit cards or more, the offenders would be looking at a first-degree felony. To pursue this charge, investigators need to get their hands on a device called an ERAD, which is basically just a card reader most law enforcement agencies have; it spits out the information encoded into the magnetic stripe of a credit card. If the information on the magstripe does not match up to the account number on the front of the credit card, then you’ve got yourself a re-encoded credit or debit card.

Fraud is everywhere

Cyber and financial crimes—offenses that take advantage of resources designed to make our lives easier—are the crime trend of the future. New technology that becomes more useful every day also makes us increasingly vulnerable to fraud. Soon, our cars may be able to drive us to work upon command while we sip coffee and scroll through a newspaper from the driver’s seat—but that same car will be storing or sending our personal information somewhere where it can be stolen. Point being, even if we miraculously tackle fraud from mail theft, the next fraud scheme is right around the corner.

            However, the next time you see a mail theft case on your docket, consider that it could be your very own identity, your elderly neighbor’s identity, or a loved one’s identity on the line. In this sense, it might be worthwhile to do a little more digging to turn that stolen mail case into a fraud ring prosecution.


[1]  Tex. Code Crim. Proc. Art. 2.122. In Texas, Inspectors of the United States Postal Inspection Service are considered special investigators and have powers of arrest, search, and seizure under the laws of this state as to felony offenses only.

[2] Tex. Penal Code §31.20.

[3] Tex. Penal Code §32.51.

[4]  Tex. Penal Code §71.02.

[5]  Id.

[6]  Tex. Penal Code §37.10.

[7]   Tex. Penal Code §32.51.

[8]   Tex. Penal Code §32.21.

[9]   Tex. Penal Code §32.32.

[10]  Tex. Penal Code §32.315.