Internet Identity Theft By: Kaitlyn McRann Neera Pradhan.
-
Upload
alexandra-ramsey -
Category
Documents
-
view
221 -
download
2
Transcript of Internet Identity Theft By: Kaitlyn McRann Neera Pradhan.
DefinitionIdentity Theft n. the dishonest acquisition of personal information in order to perpetrate fraud, typically by obtaining credit, loans, etc., in someone else's name; fraud perpetrated in this way; (also) an instance of this.
Source: (http://www.oed.com/view/Entry/91004?redirectedFrom=Identity%20theft#eid905879)
Where Identity Thieves Strike Anyone from anywhere in the world
Internet makes it easier for the criminals to hide their identity and use social networking tools through their loop holes to access the target.
The most popular ways of getting your identity stolen are: Your Mail – Leaving your mailbox overnight can cause problems
Your Computer– Not having updated anti-spyware and anti-virus software
Your Trash– Dumpster diving for personal information
After creating successful fake ids for themselves, internet thieves can explore into others’ information without disclosing their own identity.
How “Third Party” gets involved in id-theft?
Example
The most common websites who offer net-detective services claiming to find anyone-anywhere in the world for you can be a starting point for internet thieves looking for personal information on others.
One Web site, docusearch.com, will retrieve a person's Social Security number in one day for $49. Dan Cohn, the director of docusearch.com, said he got The New York Times numbers from "various sources" but that none of his firm's services have contributed to identity theft. "Social Security numbers are pretty much public numbers anyway," Cohn said.
Item Sensitivity
Full Name Low
Address Low
Phone Number Low
Date of Birth Medium
Birthplace Medium
Mother's Maiden Name Medium
Social Security Number High
Bank Account Number High
Credit Card Number High
PIN or Password High
Three-tier Evaluation of Threat Level
Example
http://news.bbc.co.uk/1/hi/technology/7376738.stm
5 Most Common Ways identities Are Stolen Online
Phishing: Despite consumer and employee awareness, a carefully crafted email that appears to have been sent by fellow employee or trusted entity is probably the most effective spear phish. “Whaling,” or targeting a CEO or other high level executive with a phishing email can be even more successful.
P2P File Sharing: Peer-to-peer file sharing is a fantastic way to leak company and client data to the world.
Social Networking: Social networking websites have grown too big, too fast, and can’t keep up with security.
Malicious Websites: Websites designed to attack your computer and infect it with viruses number in the millions. Hacked websites, along with out-of-date operating systems and vulnerable browsers, put your identity at risk.
Malicious Attachments: PDFs used to be safe, but Adobe is the same boat today that Microsoft found itself in years ago: hack central. Adobe’s software or files are used on almost every PC and across all operating systems, and criminal hackers love it. According to an estimate from McAfee, in the first quarter of this year, 28% of all exploit-carrying malware leveraged an Adobe Reader vulnerability.
Other Common Problems Lack of user awareness: It can have a huge impact on breaching any private information over the network. Any information entered into the website can lead hackers to access personal information without the knowledge of users.
Business Record Theft: They get your information from businesses or institutions by stealing files out of offices where you're a customer, employee, patient or student; or bribing an employee who has access to your files; or even "hacking" into the organization's computer files.
Shoulder Surfing: A "shoulder-surfing" identity thief, standing next to you in a checkout line, can memorize your name, address and phone number during the short time it takes you to write a check. An identity thief can stand near a public phone and watch you punch in your phone or credit card numbers.
Dumpster Diving: They rummage through your trash, or the trash of businesses, and landfills For personal data.
Under the Color of Authority: They fraudulently obtain credit reports by abusing their employer's authorized access to credit reports, or by posing as landlords, employers or others who may have a legitimate need/right to the information.
Skimming: They steal your credit/debit card account numbers as your card is processed at a restaurant, store or other business location, using a special data collection/storage device.
When an identity is stolen Open new accounts
Apply for credit cards
Make charges and leave the bills unpaid
Set up utility services in your name
File for government services and benefits unemployment insurance or tax refunds
Thieves can use the existing accounts to use credit and debit cards
The victim must document everything they do and what happens with their records to prove someone else has been causing the problems and not them
ConsequencesIn 2004 the US government passed the Identity Theft Penalty Enhancement Act because of the increase in cases. This was to amend “the federal criminal code to establish penalties for aggravated identity theft.”
Wyoming LawsWyo. Stat. §6-3-315
Use of false identity, citizenship or resident alien documents
Misdemeanor punishable by imprisonment for not more than six months, a fine of not more than $1,000, or both.
Wyo. Stat. §6-3-901 et seq.
Theft of identity
A misdemeanor punishable by imprisonment for not more than six months, a fine of not more than $750, or both, if no economic benefit was gained or was attempted to be gained, or if an economic benefit of less than $1,000 was gained or was attempted to be gained by the defendant.A felony punishable by imprisonment for not more than 10 years, a fine of not more than $10,000, or both, if an economic benefit of $1,000 or more was gained or was attempted to be gained by the defendant.
Restitution
If a restitution plan is ordered pursuant to W.S. 7-9-101 through 7-9-115, the court may include, as part of its determination of amount owed pursuant to W.S. 7-9-103, payment for any costs incurred by the victim, including attorney fees, any costs incurred in clearing the credit history or credit rating of the victim or in connection with any civil or administrative proceeding to satisfy any debt, lien or other obligation of the victim arising as a result of the actions of the defendant.
Prevention
Do not to give out personal information over unsecured networks or public websites
Always use encrypted wireless connectionWhile using public wi-fi, make sure you have anti-
virus software and spyware updated
Make sure you logged out of your online applications properly
Only have one webpage open when using websites with your information
Test the security of the websites that require personal information
Never click links in emails and always type the address in manually or use a bookmark.
You should set administrative privileges to prevent the installation of P2P software.
Prevention contd.. Create policies and procedures that outline
appropriate use, and beware of social networking scams.
Confirm the contact information from places asking for information
Properly destroy papers with sensitive information
Be careful of shoulder surfing Have checks sent directly to the bank and not a
home address Cancel credit cards you have not used in 6
months Don’t carry unnecessary identifiers in your wallet Monitor your financial accounts and credit ratings Take your name off promotional lists
What To DoFile an official police reportPlace a fraud alert on your credit reportsNotify all your banksChange your passwords and other account
securityNew driver’s license/passport
Need hard evidence and police report to get new number
Monitor your credit Example: www.creditkarma.com
Conclusion
Identity theft is a growing problem
The more we use the internet and create online presence for ourselves, the more vulnerable we have become to online identity theft attacks.
The solution to this problem is vast and will take time to fix
Be cautious of where you give out personal information and what information you give out.
"About Identity Theft." Fighting Back Against Identity Theft (Federal Trade Comission). N.P., N.D. Web. 17 Apr. 2011. <Http://Www.Ftc.Gov/Bcp/Edu/Microsites/Idtheft/Consumers/About-identity-theft.Html>.
Acquisti, Alessandro, And Ralph Gross. "Proceedings Of The National Academy Of Sciences." Predicting Social Security Numbers From Public Data 106.2718 Jan. (2009): 1-3. Print.
Frank, M. J. (2010). Identity Theft Prevention And Survival. Retrieved From Http://Www.Identitytheft.Org/(Frank, 2010)
“Internet Usage Statistics." Internet World Stats. N.P., 2010. Web. 17 Apr. 2011. <Http://Www.Internetworldstats.Com/Stats.Htm>.
Jr., Jay F. Nunamaker, Et Al. "Detecting Fake Websites: The Contribution Of Statistical Learning Theory." MIS Quarterly 34.3 (2010): 435-461. Business Source Premier. Ebsco. Web. 16 Apr. 2011.
"Phishing Schemes Grow In Number And Sophistication." Point For Credit Union Research & Advice (2006): 13. Business Source Premier. Ebsco. Web. 16 Apr. 2011.
The Ultimate Guide To Identity Theft Prevention [Web Log Message]. (2006, October 13). Retrieved From Http://Www.Yourcreditadvisor.Com/Blog/2006/10/The_ultimate_gu.Html("the Ultimate Guide," 2006)
U.S. Library Of Congress, United States Statutes At Large. (2006). Identity Theft Penalty Enhancement Act (The Global Legal Information Network Publication Issue No. 118 Stat. 831). Washington, DC: The Global Legal Information Network . Retrieved From Http://Www.Glin.Gov/View.Action?Glinid=183402(u.S. Library Of, 2006)
U.S. Department Of The Treasury, Federal Reserve Bank Of Boston. (2005). Identity Theft Boston, MA: Public & Community Affairs. Retrieved From Http://Www.Bos.Frb.Org/Consumer/Identity/ (U.S. Department Of, 2005)
Whitson, Jennifer R., And Kevin D. Haggerty. "Identity Theft And The Care Of The Virtual Self." Economy & Society 37.4 (2008): 572-594. Business Source Premier. Ebsco. Web. 16 Apr. 2011.
References