Internet Identity Theft

By:Kaitlyn McRannNeera Pradhan

DefinitionIdentity Theft n. the dishonest acquisition of personal information in order to perpetrate fraud, typically by obtaining credit, loans, etc., in someone else's name; fraud perpetrated in this way; (also) an instance of this.

Source: (http://www.oed.com/view/Entry/91004?redirectedFrom=Identity%20theft#eid905879)

Where Identity Thieves Strike Anyone from anywhere in the world

Internet makes it easier for the criminals to hide their identity and use social networking tools through their loop holes to access the target.

The most popular ways of getting your identity stolen are: Your Mail – Leaving your mailbox overnight can cause problems

Your Computer– Not having updated anti-spyware and anti-virus software

Your Trash– Dumpster diving for personal information

After creating successful fake ids for themselves, internet thieves can explore into others’ information without disclosing their own identity.

How “Third Party” gets involved in id-theft?

Example

The most common websites who offer net-detective services claiming to find anyone-anywhere in the world for you can be a starting point for internet thieves looking for personal information on others.

One Web site, docusearch.com, will retrieve a person's Social Security number in one day for $49. Dan Cohn, the director of docusearch.com, said he got The New York Times numbers from "various sources" but that none of his firm's services have contributed to identity theft. "Social Security numbers are pretty much public numbers anyway," Cohn said.

Item Sensitivity

Full Name Low

Address Low

Phone Number Low

Date of Birth Medium

Birthplace Medium

Mother's Maiden Name Medium

Social Security Number High

Bank Account Number High

Credit Card Number High

PIN or Password High

Three-tier Evaluation of Threat Level

Example

http://news.bbc.co.uk/1/hi/technology/7376738.stm

5 Most Common Ways identities Are Stolen Online

Phishing: Despite consumer and employee awareness, a carefully crafted email that appears to have been sent by fellow employee or trusted entity is probably the most effective spear phish. “Whaling,” or targeting a CEO or other high level executive with a phishing email can be even more successful.

P2P File Sharing: Peer-to-peer file sharing is a fantastic way to leak company and client data to the world.

Social Networking: Social networking websites have grown too big, too fast, and can’t keep up with security.

Malicious Websites: Websites designed to attack your computer and infect it with viruses number in the millions. Hacked websites, along with out-of-date operating systems and vulnerable browsers, put your identity at risk.

Malicious Attachments: PDFs used to be safe, but Adobe is the same boat today that Microsoft found itself in years ago: hack central. Adobe’s software or files are used on almost every PC and across all operating systems, and criminal hackers love it. According to an estimate from McAfee, in the first quarter of this year, 28% of all exploit-carrying malware leveraged an Adobe Reader vulnerability.

Other Common Problems Lack of user awareness: It can have a huge impact on breaching any private information over the network. Any information entered into the website can lead hackers to access personal information without the knowledge of users.

Business Record Theft: They get your information from businesses or institutions by stealing files out of offices where you're a customer, employee, patient or student; or bribing an employee who has access to your files; or even "hacking" into the organization's computer files.

Shoulder Surfing: A "shoulder-surfing" identity thief, standing next to you in a checkout line, can memorize your name, address and phone number during the short time it takes you to write a check. An identity thief can stand near a public phone and watch you punch in your phone or credit card numbers.

Dumpster Diving: They rummage through your trash, or the trash of businesses, and landfills For personal data.

Under the Color of Authority: They fraudulently obtain credit reports by abusing their employer's authorized access to credit reports, or by posing as landlords, employers or others who may have a legitimate need/right to the information.

Skimming: They steal your credit/debit card account numbers as your card is processed at a restaurant, store or other business location, using a special data collection/storage device.

When an identity is stolen Open new accounts

Apply for credit cards

Make charges and leave the bills unpaid

Set up utility services in your name

File for government services and benefits unemployment insurance or tax refunds

Thieves can use the existing accounts to use credit and debit cards

The victim must document everything they do and what happens with their records to prove someone else has been causing the problems and not them

How Stolen Information was used..

ConsequencesIn 2004 the US government passed the Identity Theft Penalty Enhancement Act because of the increase in cases. This was to amend “the federal criminal code to establish penalties for aggravated identity theft.”

Wyoming LawsWyo. Stat. §6-3-315

Use of false identity, citizenship or resident alien documents

Misdemeanor punishable by imprisonment for not more than six months, a fine of not more than $1,000, or both.

Wyo. Stat. §6-3-901 et seq.

Theft of identity

A misdemeanor punishable by imprisonment for not more than six months, a fine of not more than $750, or both, if no economic benefit was gained or was attempted to be gained, or if an economic benefit of less than $1,000 was gained or was attempted to be gained by the defendant.A felony punishable by imprisonment for not more than 10 years, a fine of not more than $10,000, or both, if an economic benefit of $1,000 or more was gained or was attempted to be gained by the defendant.

Restitution

If a restitution plan is ordered pursuant to W.S. 7-9-101 through 7-9-115, the court may include, as part of its determination of amount owed pursuant to W.S. 7-9-103, payment for any costs incurred by the victim, including attorney fees, any costs incurred in clearing the credit history or credit rating of the victim or in connection with any civil or administrative proceeding to satisfy any debt, lien or other obligation of the victim arising as a result of the actions of the defendant.

Prevention

Do not to give out personal information over unsecured networks or public websites

Always use encrypted wireless connectionWhile using public wi-fi, make sure you have anti-

virus software and spyware updated

Make sure you logged out of your online applications properly

Only have one webpage open when using websites with your information

Test the security of the websites that require personal information

Never click links in emails and always type the address in manually or use a bookmark.

You should set administrative privileges to prevent the installation of P2P software.

Prevention contd.. Create policies and procedures that outline

appropriate use, and beware of social networking scams.

Confirm the contact information from places asking for information

Properly destroy papers with sensitive information

Be careful of shoulder surfing Have checks sent directly to the bank and not a

home address Cancel credit cards you have not used in 6

months Don’t carry unnecessary identifiers in your wallet Monitor your financial accounts and credit ratings Take your name off promotional lists

What To DoFile an official police reportPlace a fraud alert on your credit reportsNotify all your banksChange your passwords and other account

securityNew driver’s license/passport

Need hard evidence and police report to get new number

Monitor your credit Example: www.creditkarma.com

Helpful Companies

Form for reporting stolen passport

Conclusion

Identity theft is a growing problem

The more we use the internet and create online presence for ourselves, the more vulnerable we have become to online identity theft attacks.

The solution to this problem is vast and will take time to fix

Be cautious of where you give out personal information and what information you give out.

 "About Identity Theft." Fighting Back Against Identity Theft (Federal Trade Comission). N.P., N.D. Web. 17 Apr. 2011. <Http://Www.Ftc.Gov/Bcp/Edu/Microsites/Idtheft/Consumers/About-identity-theft.Html>.

 Acquisti, Alessandro, And Ralph Gross. "Proceedings Of The National Academy Of Sciences." Predicting Social Security Numbers From Public Data 106.2718 Jan. (2009): 1-3. Print.

 Frank, M. J. (2010). Identity Theft Prevention And Survival. Retrieved From Http://Www.Identitytheft.Org/(Frank, 2010)

 “Internet Usage Statistics." Internet World Stats. N.P., 2010. Web. 17 Apr. 2011. <Http://Www.Internetworldstats.Com/Stats.Htm>.

 Jr., Jay F. Nunamaker, Et Al. "Detecting Fake Websites: The Contribution Of Statistical Learning Theory." MIS Quarterly 34.3 (2010): 435-461. Business Source Premier. Ebsco. Web. 16 Apr. 2011.

 "Phishing Schemes Grow In Number And Sophistication." Point For Credit Union Research & Advice (2006): 13. Business Source Premier. Ebsco. Web. 16 Apr. 2011.

 The Ultimate Guide To Identity Theft Prevention [Web Log Message]. (2006, October 13). Retrieved From Http://Www.Yourcreditadvisor.Com/Blog/2006/10/The_ultimate_gu.Html("the Ultimate Guide," 2006)

 U.S. Library Of Congress, United States Statutes At Large. (2006). Identity Theft Penalty Enhancement Act (The Global Legal Information Network Publication Issue No. 118 Stat. 831). Washington, DC: The Global Legal Information Network . Retrieved From Http://Www.Glin.Gov/View.Action?Glinid=183402(u.S. Library Of, 2006)

 U.S. Department Of The Treasury, Federal Reserve Bank Of Boston. (2005). Identity Theft Boston, MA: Public & Community Affairs. Retrieved From Http://Www.Bos.Frb.Org/Consumer/Identity/ (U.S. Department Of, 2005)

 Whitson, Jennifer R., And Kevin D. Haggerty. "Identity Theft And The Care Of The Virtual Self." Economy & Society 37.4 (2008): 572-594. Business Source Premier. Ebsco. Web. 16 Apr. 2011.

References

Questions