Difference between revisions of "Online Identity Theft"

From SI410
Jump to: navigation, search
(Prevention)
(Causes)
Line 19: Line 19:
  
 
== Causes ==
 
== Causes ==
One way of obtaining information is by phishing. This involves sending spoof emails to people impersonating a business or institution. Spoof emails typically involve a user receiving an email to change his/her password after clicking the link. It takes the user to what appears to be a legitimate site; however it belongs to the thief. After the user enters his/her information, it is now in the hands of the criminal. Examples of this occur with online stores and financial merchants.  
+
One way of obtaining information is by phishing. This involves sending spoof emails to people impersonating a business or institution. Spoof emails typically involve a user receiving an email to change his/her password after clicking the link. It takes the user to what appears to be a legitimate site; however it belongs to the thief. After the user enters his/her information, it is now in the hands of the criminal. Examples of this occur with online stores and financial merchants. Another cause of online identity theft can be phishing websites themselves, without sending emails. These types of websites put up a front of a legitimate business, but really have the intention of obtaining some information from you, whether it be credit card information, social security numbers, or personal identification numbers.
  
 
== Effects ==
 
== Effects ==

Revision as of 20:35, 12 December 2011

Online identity theft is a form of fraud where a criminal impersonates another person by obtaining personal information through the Internet. Typically, criminals steal another’s identity for financial gain such as applying for loans or credit cards without the person’s knowledge. Information gained from online identity theft includes but is not limited to social security numbers, signatures, names, addresses, phone numbers, credit card information etc. Because there are so many types of online identity theft (see pie chart below to the right), criminals have more options in how they commit identity theft online, resulting in more and more cases of this crime. In order to combat the increasing frequency of online identity theft, the government is making the consequences for online identity theft more severe. (Back to index)

Overview of each type of online identity theft, based on the Federal Trade Commission complaint data

Background

While the use of computers and Internet have given people new ways of accessing information, both have their negative consequences as well. In fact, one of the fastest growing crimes in the online environment is online identity fraud. Every time someone logs onto a computer, they are vulnerable to attacks from hackers, even with firewalls. The aftermath of being a victim of identity theft can be expensive and traumatic. Before computers and the Internet, criminals had to go “dumpster diving” or steal one's mail in order to gain his or her personal information. Now, through the use of modern technology, people open themselves up for a variety of risks to be hacked. All of the information that users share through social networks, online job and bank applications, and emails is vulnerable to theft by hackers from a remote location, making identity theft online far easier than in the real-world.

Types of identity theft

The most common forms of identity theft are listed below:

Financial Identity Theft

Financial identity theft, the most common form of online identity theft, occurs when someone illegally gains possession of another person's financial information, enabling the thief access to the victim's bank accounts and/or credit cards. Thieves have the ability to completely wipe the victim's entire bank account within hours or apply for numerous credit cards or loans using the victim's name and information. The rise in online banking and shopping has facilitated the increase in financial identity theft.

Criminal identity Theft

This occurs when a criminal gives another person’s name and personal information, such as a Social Security Number, to a law enforcement officer during an investigation. In some cases, the victim may not know their identity was stolen. In situations like this, the victim may not know there is a warrant out for his/her arrest and could lose unemployment or banking privileges. Criminals who steal another’s identity use the information it to open new accounts impersonating the victim.

Other

Other examples of online identity theft include medical identity theft, identity cloning, and business/commercial identity theft.

Causes

One way of obtaining information is by phishing. This involves sending spoof emails to people impersonating a business or institution. Spoof emails typically involve a user receiving an email to change his/her password after clicking the link. It takes the user to what appears to be a legitimate site; however it belongs to the thief. After the user enters his/her information, it is now in the hands of the criminal. Examples of this occur with online stores and financial merchants. Another cause of online identity theft can be phishing websites themselves, without sending emails. These types of websites put up a front of a legitimate business, but really have the intention of obtaining some information from you, whether it be credit card information, social security numbers, or personal identification numbers.

Effects

The effects of online identity theft are severe. People hesitate to use online banking, make financial transactions, and shop online. Identity thieves can cause financial and physiological damage. The financial damage can increase ones debt by thousands of dollars and severely damage the victim's credit score. Victims of identity theft claim they feel “violated” after having their identity stolen by an unknown person.[1]

Prevention

In order to protect an identity, people need to protect their personal information, especially online. The most common information stolen online is account numbers, passwords, personal identification numbers (PIN), and Social Security Numbers (SSN). The most effective way is to never post this information in an online environment. However, there are professional companies with proven strategies to help people detect online identity theft. Likewise, many credit card companies have implemented fraud detection programs that help catch identity thieves by identifying fraudulent charges and contacting the cardholder.[2] Here are some easy steps to prevent your identify from being stolen:

1. Stay away from phishing websites

  • Phishing websites are sites that look like they are a legitimate business, but really is looking to steal your information. Make sure you are familiar with a website before giving them information, such as a username and password, credit card information, address, or social security number. After investigating the legitimacy of the website, if you are still unsure, call their number to find out more information.

2. Utilize some sort of antivirus and anti-malware software.

  • Computer viruses are easily spreadable and can gain access to personal information stored on your system. In order to prevent this from occurring it is essential to have these types of programs running on your computer at all times. A list of the best antivirus software of 2012 can be found at that link.

3. Password protection

  • When creating passwords, make sure they have at least one capital letter, numbers, letters, as well as some sort of symbol (%, &, ?). Creating different passwords for each site is also beneficial. Do not use any personal information in your passwords, such as your birthdate, childrens' names, pets' names, or your name.

4. Shop only at encrypted websites.

  • When a website is encrypted, the data you input into it will be secured. An encrypted website is identified by a small lock in the corner of your screen. When clicking this lock, a security certificate will appear, indicating that it is safe for you to input information. Shopping on these types of websites will ensure the safety of your personal information.

5. Limit the amount of personal information you input into social media websites

  • Although social media websites are an amazing form of communication and have drastically changed, and continue to change, how people interact with each other, it is important to limit the amount of personal information you allow people to see. Putting the proper privacy settings on these websites is also important, so people you do not know are unable to access the information you have posted.

6. Use a secured wireless network

  • While some people still used a wired connection, most people are using wireless connections. It is important to have a password on your wireless network not only to prevent others from using your network and taking up bandwidth, but also to prevent these users from seeing which webpages you visit. Giving attackers access to this type of information makes it easier to build an informative profile of yourself, thus making it easier to steal your identity.

7. Download software from reputable sites

  • This goes along the same lines as shopping through encrypted websites. Make sure the software you download is not a virus or other form of detrimental software. These types of programs may contain workarounds that antivirus or anti-malware software cannot detect.

Ethics

It is a federal crime to “knowingly transfer, possess, or use without lawful authority, a means of identification of another person”.[3] Whether it's stealing credit card and Social Security Numbers stolen or bank account information, the government and media have made it clear that any form of identity theft is a crime. An individual is allowed to do what he or she pleases as long as it does not harm others in society. When a criminal hacks into another person’s account to steal personal information for their own gain, the victim is left hurt both financially and emotionally. Peoples' lives and welfare are harmed by identity theft if their money is stolen or they are unable to get a job. Stealing and using a person's information is considered unethical in most societies, and more attention should be placed on preventing this serious crime.

Due to the fact that many identity thefts occur online and user's information is generally taken from the online world, information security online is becoming critical. Victims may feel as if banks, companies or other trustworthy places may not have secured their information properly. After the Playstation network was hacked April 20, 2011, many user's credit card information was taken [4]. As a result, there was a large outcry that their security should be revamped. Obviously identity theft is considered immoral and unethical by most individuals of society, but the instances of identity theft are increasing and this is putting pressure on companies to improve their security plans. Ethically speaking, the battle against identity theft will require both collaboration from the people as well as companies to protect important data. Even with the increase in punishment for thieves, anonymity online has made it hard for the culprits to be tracked down and prosecuted.

See Also

References

  1. Internet Identity Theft - A Tragedy for Victims, Software and Information Industry Association. May 26, 2011.
  2. Identity Crime Research and Coordination, Australasian Center for Policing Research. June 30, 2006.
  3. Internet Identity Theft - A Tragedy for Victims, Software and Information Industry Association. May 26, 2011.
  4. http://www.pcworld.com/article/226128/sony_makes_it_official_playstation_network_hacked.html
Retrieved from "http://si410wiki.sites.uofmhosting.net/index.php?title=Online_Identity_Theft&oldid=8554"