Cyber Crime And Society: Identity Theft

In the 21st century Cyber Crime has become one of the biggest form of crime in the world. It’s a cowardly act of crime which can be performed from across the world. An article by (“The True Cost of Cybercrime? $5.2 Trillion Apparently.” Information Age, 21 Jan. 2019, www.information-age.com/cost-cybercrime-123478352/.) estimated that cyber crime could cost companies world wide over 5.2 trillion dollars over the next five years. However this is a estimated number as finding exact dollar amounts in cyber crime is very difficult because a lot of thefts aren’t reported. One of the largest forms of theft in cyber crime comes in the form of identity theft, which “use of an individual’s personally identifying information by someone else (often a stranger) without that individual’s permission or knowledge. This form of impersonation is often used to commit fraud, generally resulting in financial harm to the individual and financial gain to the impersonator.” (Radin, Tara J. “Identity Theft.” Encyclopædia Britannica, Encyclopædia Britannica, Inc., 1 May 2016, www.britannica.com/topic/identity-theft#ref1192813.)

Identity theft is usually targeted towards a specific individual. Criminals will usually target someone and try to gain any type of public information from online and social media accounts such as a person’s phone number or address, and if possibly an confidential information, such as a person’s Social Security number, credit card numbers which can help the perpetrator take your identity more easily. Criminals have a lot of interest in social security cards, because social security numbers aren’t updated, criminals can wait years to use it to steal someone’s info. By acquiring access to that information, an identity thief can impersonate someone else to commit fraud. Most forms of identity theft are revolve around financial gains, some will gain access to personal accounts and then use that to gain a ransom from you in exchange for it back. In 2017, 7 million people experienced some form of identity theft according to a survey by Harris Poll in 2018, and happens regularly, every 2 seconds a person was victimized somewhere in the world. (Preventing Identity Theft: 21 Rules You Must Use.” Identity Theft Handbook, 2015, pp. 295–311., doi:10.1002/9781119203162.ch20.)

Stealing peoples personal information has made has made huge strides since the start of the millennia. The older and simpler way of stealing information by criminals included techniques such as stealing mail, dumpster diving for information, eavesdropping on conversations which is referred to as shoulder surfing by some people, or just theft by unlawful taking. People even went as far as taking information from deceased individuals by collecting information tombstones. With the huge strides in technology in the past 20 years, more and more people are relying on phones and computers to do everyday tasks, cyber crime criminals have grown with it. Instead of dumpster diving for or eavesdropping on people for information, criminals can simply take someone’s personal data without leaving their house.

Criminals have gotten very clever now using techniques such as skimmers which are essentially copy machines that are placed on ATM card readers which collect all of your card information when using the ATM. (Kagan, Julia. “Skimming.” Investopedia, Investopedia, 12 Mar. 2019, www.investopedia.com/terms/s/skimming.asp.) Other methods include spam which can be in the form of a banking website or shopping website which usually asks you to update information and collects your data that way. Personal computers are also a big target for cyber criminals which can access all of your files and personal info without authorization. Much of these can be avoided if you are just smart about your information. Cyber Criminals mostly depend on people being ignorant to these types of techniques and much of these can be avoided if you just look for them. Skimmers are often a replica of the card slot itself that fits over the card reader and can be popped on and off. So the next time you use a ATM just give a small tug on the plastic part of the reader, skimmers can be easily found and removed if you know what your looking for.

By being safe and cautious about these forms of theft can save you a ton of time in the end. In 2017 it was estimated that 140 million hours were spent of identify theft victims trying to regain and fix their information. Identity theft was ranked the number 1 consumer complaint in 2014 for the 15th year in a row. This is due to the hundreds of thousands of data breaches to large corporations each year. Criminals will steal hundreds of people’s information from the corporations data base. Large corporations tend to not share this info with the public and their consumers because it makes them look weak and shows that they can’t protect their customers info. It cost roughly 4 million dollars for each data breach that occurs. This is from either rein-busting customers or trying to upgrade the software to help better protect from it happening again. (Irimia R, Gottschling M (2016) Taxonomic Revision of Rochefortia Sw. (Ehretiaceae, Boraginales). Biodiversity Data Journal 4)

Identity Theft: Process, Ways And Effects

“Identity theft” is when thieves steal your private data or information. In order to take over or open new accounts, file, rent or buy properties, or for other criminal things by taking your good name. “Identity theft” is the fastest-growing crime all over the world. The very obvious reason behind it is that most of us have made our most valuable personal data or information -name, address, driver’s license, credit card number and social security number, etc. – available on internet and make easy for cyber criminals to stealing it! Here a good news is that consumers and businesses have fight against identity theft and they are winning even some battles but there is such a long way to go.

Artificial Intelligence is one of the biggest part of the identity theft . By using Artificial Intelligence criminal steals lots of information in digital form. Artificial intelligence and its subsets like machine learning and deep learning make it possible to accurately process, verify, and authenticate identities.

Introduction

Identity theft happen when someone steals your personal data or personal information and uses it without your permission or without your knowledge. There are so many forms of identity theft, and each one can affect you in a different way.

There’s no way to exclude yourself against identity theft completely. But if you’re intelligent in understanding how your information can be at risk and how fraudsters can use it, you’ll be better know how to protect your data or information and act quickly when someone steal your information.

How Identity Theft Happens

Identity theft is a broad term that can apply any time when someone steals your personal information, such as your Social Security number, and uses it to create a new account, make a purchase or commit other fraud.

Because of the nature of technology and the internet, your personal information is always at risk. If you’re not carefully monitor your credit file, you may not notice. You’ve been victimised until the damage has already done.

Here’s 10 of the most common ways identity thieves get hold of your data

1. Data Breaches

A data breach can happen when someone gain access to an organisation’s data without the authorisation. The most common types of information stolen in data breaches are full names, Social Security numbers and credit card numbers.

According to Identity Theft Resource Centre in 2018, there were 1,244 data breaches was in the U.S., and more than 446 million records were found.

Due to people having so many accounts with various kind of businesses and other organisations, it’s virtually impossible to keep the information safe from a data breach, but there are various steps you can take to minimise the risk.

2. Unsecured Browsing

For the most important, you have to browse the internet safely, especially when you stick to well-known websites. But if you use any unsecured website and share information on that website or using a website that’s been compromised by a hackers than you could be putting your sensitive information directly in the hands of a thief.

It depends on your browser, it may give you an alert if you try to access a risky website.

3. Dark Web Marketplaces

The dark web is the place where you’r personally identifying information ends up after it has been stolen. Hackers not always steals your information to use it for themselves, but may instead choose to sell it to others who have potentially nefarious intentions.

The dark web is a hidden network of websites. They aren’t accessible by normal browsers. People who visit the dark web they use special software to mask their identity and activity, making it a haven for fraudsters. When your information ends up on a dark web marketplace, without your knowledge, anybody could buy it and putting your identity in more danger.

4. Malware Activity

Malware or malicious software is any kind of program or file that is harmful for a computer user. Types of malware can be computer viruses, worms, Trojan horses and spyware. These malicious programs can perform a variety of different functions like stealing data or information, encryption or deletion of sensitive data, altering or hijacking core computing functions and monitoring users’ computer activity without their permission or their knowledge.

5. Credit Card Theft

One of the simplest forms of identity theft is credit card theft or credit card fraud. If a thief steals your credit card can gain access to your credit card information, then they can use it to make unauthorised purchases.

Mostly credit card theft are occur through a data breach, physical theft, credit card skimmers and via online retail accounts where card informations are stored.

6. Mail Theft

Since long before when there was no internet, identity thief has been combing through the mail to find documents that hold the personal information. Bank and credit card statements, and any other document that you send or receive through the postal system, that can be used to gain access to your data.

The mail you throw away can also leave you vulnerable, so make sure you shred all old mail that may contain personal information or personal data.

7. Phishing and Spam Attacks

Phishing attacks use email or malicious websites to collect personal information and financial information or infect your machine or computer with malware and viruses. Some scammers also use text messages and other forms of electronic communication to steal your sensitive information. The message is look like it is coming from any reputable source and asking victims to give up one or more types of information.

Spam is electronic equivalent of the junk mail. The term refers to unsolicited, bulk – and often unwanted – email. Here is way to reduce spam:

Enable filters on your email programs:

Most internet service providers and email providers offer you spam filters. However it depends on the level you set you may end up blocking emails you want. It is a good idea to always check your junk folder or junk files to ensure the filters are working properly.

8. Wi-Fi Hacking

If you are using your computer or phone on a public network – airport, department store or coffee shop Then the Wi-Fi – hackers may be able to steal your data. It has been established that most of the Wifi networks are extremely vulnerable to security breaches and are easy to be hacked. No matter if you are technically savvy or not, you must be aware that you need to have a password for wifi security. It is important for you to understand that someone could compromise your wireless network and there are many ways out there for you to protect yourself.

9. Mobile Phone Theft

Smartphones are a treasure of information for identity thieves especially if your phone’s apps allow you to log in automatically without any password or fingerprint. If someone try to steal and unlock your phone then it could allow them to view the information that they found in your apps as well as in your emails, text messages, notes and much more.

Make sure your phone always locks with a secure passcode or password, biometric screening is set up properly and your passwords aren’t stored in plain text anywhere on your phone for the sake of security.

10. Card Skimming

Some thieves use a skimming device. That device can be easily placed over a card reader on an ATM or a fuel pump and it looks like original. When somebody swipes a debit or credit card at a compromised machine then skimmer reads the information from the card’s magnetic stripe and either stores it or transmits it. A criminal can then use this information to make purchases or for any other activity.

How Identity Theft Can Affect You

Once a thief has your information, they can do so many things with it, including:

  • Open fraudulent credit cards.
  • Use your existing bank or credit card accounts to make unauthorised purchases.
  • Sell it to other thieves.
  • File a fraudulent tax return or steal your tax refund.
  • Access your financial accounts and steal your money.
  • Commit child identity theft using your child’s information.

Depending on what type of theft that occurs and how the criminal uses the information identity theft can result in immediate loss in finance and damage to your credit and emotional distress. It may take anywhere from less than a day to so many months or even years to resolve the issue.

If you work on recovering from identity theft then you may end up dealing with late payments, medical bills, and IRS penalties requiring investigations and long-term assistance and if you are a tax identity theft victim. It may result in losing account access and having your personal accounts taken by the thieves and general loss of data privacy.

How to Check for Identity Theft

You can’t completely avoid the possibility that your identity may be stolen, but you can take action to spot potential fraud before it becomes a major problem.

For checking identity theft, keep one eye on your credit reports. While you can view for free every 12 months through AnnualCreditReport.com. You can view a summary of your reports more regularly through so many free and paid credit monitoring services.

As you check your report please watch for trade-lines that you forget to open. Also, keep one eye on your credit score – a sudden inexplicable drop can be a dead giveaway that something is wrong.

Here are some other telltale signs that someone may have your identity:

  • You aren’t receiving important mail such as bills or checks.
  • You get bills for items that you didn’t order or statements for credit cards that you didn’t sign up for.
  • You’re denied credit despite having an excellent credit rating.
  • You have unauthorised bank transactions or withdrawals.
  • You’ve received notice that your personal information may have been compromised in a data breach.
  • Your electronic tax filing is denied.
  • You receive unauthorised authentication messages by text or email for unknown accounts.
  • You get an email from an organisation that says your account has been recently accessed and it wasn’t you.
  • You receive a bill or an explanation of benefits for health care that you didn’t seek.

What to Do if You Think You’re a Victim

If you think that you’ve fallen victim to identity theft then the most important thing have to do is to limit the potential damage. In case your credit card or debit card was stolen please contact the card issuer and your bank immediately – some banks may even allow you to lock your bank account through your mobile app until you can report the fraud.

After that double-check your credit reports with the three credit bureaus (Experian, TransUnion and Equifax) to confirm any type of unusual activity and get help dealing with the identity theft. If you find something is a miss, consider locking or freezing your credit.

Alternatively you can set a fraud alert which notifies the lenders that you’ve been a victim of identity theft so that they can take extra measures to verify your identity.

Identity theft is a crime so it is also a good idea to contact your local law enforcement agency. While authorities may not be able to do much they can take reports and be on the alert for suspicious behaviour that could involve your name or address.

Before you go to report the crime reach out to the Federal Trade Commission to file a report. The agency will provide steps you need to do and paperwork to file reports – including how to deal with police reports – and help you out dispute fraudulent charges.

Being a victim of identity theft is a harrowing experience ever. It can take several months and many hours of filling out forms and working with agencies and businesses to recover the identity that is stolen.

Other Types of Identity Theft

There are less common types of identity theft – and you should know them :

  • Child ID Theft – Children’s IDs are extremely vulnerable. It’s hard to detect the thief for several years. By the time they become adults the damage already has been done.
  • Tax ID Theft – Thieves commonly use your Social Security number to falsely file tax returns with the IRS or state government.
  • Medical ID Theft – Someone could even steal your Medicare ID or health insurance member number to receive medical services. It could also trigger fraudulent billing to your health insurance provider.
  • Senior ID Theft – Mostly ID theft schemes will target seniors only who are in frequent contact with medical professionals or caregivers who have access to personal information or financial documents.
  • Social ID Theft – Whatever is on your social media platforms – your name, photos and other personal information – can be used to create a false account.

How to use AI to fight identity fraud

It’s no secret that identity fraud is a growing so fast and become a problem: A record shown that 16.7 million US adults experienced identity fraud in 2017 and marking an 8% increase from the year before according to Javelin’s 2018 Identity Fraud study.

The amount of fraudulent transactions, massive data breaches and instances of identity theft continues increase. Hackers and fraudsters become more sophisticated. ID scanning solutions have various strengths. Some simply scan an ID’s barcode whereas more robust software performs forensic and biometric tests to ensure that an ID is not forged.

Conclusion

Many types of identity theft are discuss here. One way is to continually check the accuracy of personal documents or personal data and promptly deal with any discrepancies. Lots of businesses provide products that help people avoid the effects of identity theft. These services provide information helping people to safeguard their personal information, monitor public records, as well as private records such as credit reports to alert their clients of every transactions and status changes. They also provide assistance to victims to help them resolve problems associated with identity theft. In addition some of the government agencies and nonprofit organisations provide similar assistance, typically with websites that have information and tools to help people to avoid, remedy and report incidents of identity theft.

Identity thieves mostly use computer technology to gain other people’s personal information for identity theft. To find such kind of information they always search the hard drives of stolen or discarded computers. So they hack into computers or computer networks and access computer-based public records. So that they can use the information gathering malware to infect computers. They browse social networking sites and use deceptive emails or text messages to steal your identity.

Resources

  1. https://en.wikipedia.org/wiki/Credit_card_fraud
  2. https://www.experian.com/blogs/ask-experian/what-is-identity-theft/
  3. https://www.debt.org/credit/identity-theft/
  4. https://techbeacon.com/security/how-use-ai-fight-identity-fraud
  5. https://searchsecurity.techtarget.com/definition/malware
  6. https://staysafeonline.org/stay-safe-online/online-safety-basics/spam-and-phishing/
  7. https://zenmate.com/academy/wifi-hacking-explained
  8. https://www.debt.org/credit/identity-theft/
  9. https://techbeacon.com/security/how-use-ai-fight-identity-fraud

Identity Theft And Its Effect In Australia

INTRODUCTION

In this report, it will be focusing on identity theft and the effects it has had on Australian citizens, as well as the effectiveness of national and international law with addressing the issue. Some cases of identity theft can include; scams, hacking, ransom and deep fakes which are the more frequent types of identity theft that affect an individual. Anyone can be a casualty of identity theft, it is a major threat to many individuals, the public need to be informed about this hence they will know how to handle the situation if they are ever a victim or it happens to another.

WHAT IT IS?

Identity theft is when someone uses another person’s information; such as their name, credit card number, social security number or any other personal information without the person’s consent and using their key information in order to commit fraud (or other crimes), obtain credit or loans, or to apply for something personal under someone else’s name, (such as passport, license, credit card, etc), even if the thieves or hackers have only few information about you they are still able to use the information from online sources such as the internet or social media; for photographs, date of birth, name, etc that are open and released to the public. Identity theft is usually used for personal gains, such as financial purposes, property or power over the person who is a victim.

HOW DOES IT WORK?

Identity theft can take place through many shapes and forms, it can happen online through hackers, in person if someone has lost their identification, missing mail (if you are not receiving regular mail, or receiving mail that is not yours), and many more. Occasionally when information is stolen from someone, the hacker may demand a ransom (demand for money )if the money is not paid or they would release the information online to the public, or to put it up onto the dark web, as a threat, or if the ransom is paid the hacker would “delete” the information, but most of the time isn’t and is kept as a blackmailing purpose or other reasons to hold the information from the person.

STATISTICS

“Almost a third of Australians who were affected by card fraud was targeted 2 or more times.”

Four men aged 50, 44, 33 and 37 were arrested and charged with a number of offences. The men sold medicare cards, driver’s licences and bank and credit cards, for people, they did this by using “sophisticated” machinery including printer and laminators. It is suspected that hundreds of people could’ve been affected by this happening as they could have been a victim of this crime. Police say it was hard to tell which were real identities of people and which were fake identities established from fictional people. Australian Border Force acting assistant commissioner David Nockels said: “once you have your identity stolen it is very difficult to get it back”. The 50-year-old man from Campsie was charged with possession of equipment to make false documents. The 44-year-old man from Carlton was charged with possession of equipment to make false documents and possession of a prohibited drug. The 33-year-old man from Homebush West was charged with five counts of dealing with identity information. And the other 37-year-old man from Homebush West was charged with five counts of dealing with identity information. A 51-year-old Chinese woman was detained as an illegal immigrant and soon to be deported from Australia.

In 2016 Azalea had a photo shoot with GQ Australia, her nude photographs were then stolen and leaked out online to the public, the photographs were being spread and shared around by an unknown source. “Research from Monash and RMIT Universities shows one in five Australians aged between 16 and 49 years have experienced image-based abuse, while one in 10 has perpetrated these acts.” Since the nude photographs had been leaked Azalea has come out and talked about other women whose faces and photos which had been used to make fake pornographic content (known as deep fakes). The images of these women have been edited onto another person who is performing the act to make it look like the woman whose face is being used is the person performing. Deep fakes affect many people, the main group of people targeted are celebrities and high-profile women to make it look like they are doing something they aren’t actually doing.

EFFECTIVENESS

The Australian Federal Police are working with the government to try and crack down on more of these cases to prevent them from happening too often to civilians. The ISST is also a group working with police to target groups responsible for the activity. In Australia, many people are affected by identity theft every day, the police advise people to be cautious of what they post on their social media networks as their identities such as name, date of birth, etc can be easily stolen, Facebook is one of the biggest sites where identities can we easily have stolen, your name, photograph, date of birth, city and family are all out to the public if not edited cautiously.

CONCLUSION

Identity theft can happen to anyone around the world. Everyone must be cautious of what they put out online, and who they trust with their passwords. Civilians are able to be hacked online easily with everything involving the internet and social media, which shows off a substantial amount of information. There are many ways someone can have their identity stolen so it is best that everyone is always cautious about their social media and their personal belongings, such as passport, drivers license, Medicare card and other belongings that could have them potentially having their identity stolen.

Identity Theft: Types, Effects And Preventions

Introduction

Identity theft is a big problem for our digital world. It can cause depression, decreasing your wellbeing. Identity theft has a lot of different types, such as driver’s license fraud, online shopping fraud, etc. If your wellbeing is bad, you can have a lot of stress, which can lead to violent emotions. A way we can prevent identity theft is to be educated to make your account secure, to not let any ‘mosquitoes’ (identity thieves) in. Identity theft happens when someone steals your identity by taking your personal information such as your driver’s license. Someone can have a fake identity, to get away from their past crimes. Scammers use different techniques to lure people in, like phishing. Phishing is a method hackers use to lure people into the trap, which is a scam. Identity theft is a very bad problem for our wellbeing and our safety.

What are identity theft and different types of identity theft?

Identity theft is when a person steals someone’s identity. This is when people use your identity, using clues such as license plate, online details, financial details, and online avatars or name. Identity theft is used also in many forms such as driver’s license identity theft, mail identity theft, debit card fraud or credit card fraud, online shopping fraud, social security number identity theft, account takeover identity theft, senior identity theft/senior scams, child identity theft, tax identity theft, biometric ID theft, Criminal identity theft, synthetic identity theft, new account takeover, medical identity theft, loan stacking fraud, auto lending fraud, employment identity theft and Internet identity theft. This is what identity theft is because these are all the methods that are possible for you to lose your identity. For example, a driver’s license identity theft, once they get your driver’s license they can hack your personal details and steal all your personal information and financial details. Credit card fraud is fairly the most common fraud used to steal someone’s identity, a credit card is fairly easy to steal all of your personal details and your identity. It is used to steal your 1. Credit card, 2. Your personal details (name, date of birth) and 3. It can be easy to hack everything else you own and is known for.

What effects can a credit card identity theft and online identity theft are on our wellbeing?

One of the hardest types of identity theft to deal with is credit card fraud. Credit card fraud or debit card fraud is when someone steals someone’s credit card details for their use. It can be very hard for you if you don’t have money. The world revolves around money, and if you don’t have any, your life could be very hard. You need money to buy food, to move around places, and good shelter. `Your wellbeing can be affected because you wouldn’t feel safe. An identity thief will not likely steal your credit card details just for satisfaction. They are most likely in need of money or want to take revenge. Credit card fraud can easily ruin someone’s well being.

If your identity was stolen, then the thief can easily get a loan under your account. The way that works is the thief takes your identity (which can be your driver’s license), and then they have your information. Your money, your address, and other personal details. They use your account to get a loan, and when it is time to pay back the loan, your bank tells you to pay it, and the thief gets all your money and you have to explain to the bank that you haven’t got a loan. Another scenario is when your driver’s license is stolen, and you can order something under your name, then, when the thief orders it, the package is delivered to not your address, but the thief’s. Identity theft is very similar to real-life mugging, which can be very bad for you.

Stress is your body’s reaction to bad situations, whether they are real, or you think it is real. You can feel financial stress because if you have kids, you will start to imagine their futures and if you can’t afford their school fees. Identity theft victims may experience similar emotional effects as victims of violent crimes, like anxiety to violent emotions. People’s personality can change from stress, and personality can be dangerous. Stress can make you do things that you wouldn’t do. Stress is proven that it can cause depression, mental illnesses and even cardiovascular disease (heart disease). Your blood pressure can rise, and your heart rate can increase. Some stress is not bad, as some stress can help you accomplish tasks and also protect yourself. Some stress symptoms are changes of your emotions, your ability to think, and your physical appearance. Stress is a very bad issue for wellbeing.

How does identity theft happen and how does it appear?

Identity Theft happens when you give your details to someone somehow. “Congratulations, you have won the new iPhone 11 pro, click here to claim,” this is likely a scam. A scam like this would seem obvious to be a scam but millions of people fall for it every year. Scammers use different techniques to get the person to agree to it. For a boy who is around the age of 10-13, the ads would be about free currency in a video game, where-as for a mother, they might advertise a scam for baby clothes, etc. Identity theft is used like hacking. People can hack into other people’s bank accounts, act like them and deposit large sums of money. They might even put a bunch of loans under your name. In real life, people can steal mail for account numbers, from a medical or government office or, steal your handbag or wallet for credentials. With your identity, people can access your credit card, acquire free food, bank accounts, get away with arrest and anything that checks who you are or on a sort of credentials. Identity theft also happens when you have subscriptions to sketchy websites. If a website looks suspicious or unusual you should probably find a better website do whatever you were doing. Identity theft also happens when you sign up for a certain shop to get a discount. This sometimes will give you spam in your emails or it can use your identity to use it for a certain reason. Hackers always have a certain reason the would ID theft you.

Identity theft appears in a lot of different ways. For example, it could appear by a pop-up or a certain software tool on your phone that says click here to update your belongings. Identity theft can appear all of a sudden or it can appear when you are not knowing. When you sign up for something on your phone you have all these terms and conditions. Most people are not bothered to read it so they scroll down and press “I accept.” In the terms and conditions, there could be something that says, your details and shared with everyone. It can appear unexpectedly by if a massive pop-up comes and blocks your screen that says something sketchy. One of the easiest ways anyone would fall for a scam is the free-wifi hotspot scam. Some internet networks may say “no password required”. But on the other hand, it will ask you unnecessary questions to “sign-in” or “verify”. A criminal can set up an open-access Wi-Fi hotspot in a coffee shop or airport or anywhere that’s connected to his or her laptop. Once you join, this person has access to your computer and mines it for financial and personal data. That’s how wifi hotspot works. How to avoid it. Do not click on any links in pop-up ads. Install a robust, trusted antivirus program on your computer and run it regularly. You may also install pop-up/ ad blockers on your browsers to prevent these scams from ever reaching you. Keep the important files on your computer backed up to an external drive, just in case. This is how identity theft happens, and how it appears.

How can we prevent credit card identity theft?

First of all, why is identity theft such a threat? There are thousands of hackers in Australia, capable of getting into your account. In just one year, there were over 16.8 billion dollars stolen due to identity theft and unauthorised withdrawals. If your identity has been stolen or you are worried it will be stolen you can follow these steps:

1. If your identity has been stolen, it was likely for your bank account details to steal your money. The easiest way to recover from this is to first contact the bank or companies involved. 2. If your identity has been stolen, and you contact the company you can be protected by the Fair Credit Billing Act. This lowers the money lost from an unauthorized person being in your account, so instead of losing $1000, you could only lose $50. 3. Another way to stop an identity thief can be connecting a credit fraud alert on your credit report. This will warn you and the banking company about a potential identity thief on your account. The good thing about this is, it’s free and will remain on your report for the whole year. 4. Check your credit report frequently. This is one of the most simple things you can do but also one of the most effective. Checking the report once every few months and reading through for purchases you may not have made. To help fight against identity theft, you should contact the police. As you know, the police have strong hackers and systems to catch and find an identity thief. If you try to catch them yourself, you could end up losing even more money… or worse.

How can we prevent online identity theft?

Identity theft is different because Identity theft is when someone steals your personal values online, or in real life. While credit card fraud is when a scammer or a hacker steals your credit card details. The main that identity theft is when someone acts like they are you, but on the other hand credit card fraud is when they steal your credit card details and uses them to buy stuff or do whatever they want on it. The hackers or scammers get your details very easily and you wouldn’t even know it. An example is signing into unusual things or subscriptions. There is a non-safe system where you can get an app on your phone and then you can get access to these green bikes that you can find everywhere. Hackers can easily hack that system then from there hack your phone and then all your personal items. Online identity theft is an extremely common occurrence and can lead to either annoying of catastrophic consequences. Important information is easily accessed without a strong firewall. Firewalls aren’t often used with home wifi networks though government intel and modems are more secure.

Conclusion

In conclusion, identity theft is harmful to your wellbeing, your values and your expenses. Identity theft appears when you give or someone takes your details and uses it for themselves. Identity theft can happen tangible, or intangible. It can happen anywhere. Identity theft appears to affect you deeply, this can lead to a severe depression issue to having anxiety everywhere you go. It can make you go through many emotions but depression is a severe danger especially it if it suffers in your daily life. The feelings you get are anxious to catastrophic and this has a big impact on your well being. In the end, Identity theft can be an easy lure to you and you can get your personal details stolen, your account hacked and you will probably see a lot of weird things that the scammer has bought. The final statement if that you should always keep your personal details to your loved ones and the people you trust, “Zero Trust” is a good system that can lock up all your details and if the hackers get past your fire-wall this will secure it to the max.

The Effects Of Identity Theft On The Victims

Identity theft is among the largest problems experienced in our society today. It is an invisible and silent crime where someone unknown to you steals your personal information quietly without consent from the owner or that of the immediate authority with an aim of using it for their own financial gain. The victims of this theft undergo financial stress and later might experience emotional, physical and social stress as well depending on the kind of crime committed with the stolen information. This theft is a crime with lasting effect and the victims face lingering effects for sometime after the identity theft and may even lead to involvement of the authorities and legal intervention.

Identity theft as the name suggests is a crime that involves someone’s identity being stolen quietly without being noticed by the victim or the immediate authority for financial gains. The thieves usually steal their victim’s personal information for use in financial transactions or for use in some criminal activities so as to prevent them from being linked to the crime and the victims on the other hand end up being linked or even paying for the crimes that they did not commit unless the investigators are able to prove that an identity theft was committed.

There are many types of identity theft; the most common ones are financial identity theft, criminal identity theft, driver’s license identity theft, medical identity theft, child identity theft, insurance identity theft. ( iGrad, 2016) The impact of identity theft on the victims is adverse and may last for a long time and often takes a financial toll on them followed by the emotional, social and physical breakdown of the victims.

Negative effects of identity theft often involve finances, but there are consequences that the individual involved can face including socially, physically and even emotionally.

The financial effects are usually the first ones to be felt by the victims since most of the identity thefts are meant for financial gain of the thief and drain of the victim. The hardships experienced financially by the victim of identity theft may last for a long time with the time frame being months or even years after the victim’s personal and private information is exposed. If the identity theft involved an account takeover, the identity thieves might also take over the victim’s financial accounts and investments. The impacts of this could affect the victim’s mortgage, retirement and children’s education. If the identity theft issue becomes complicated it will require the victim to look for expert advice and by so doing the legal fees could be an addition to the financial impact. Sometimes the financial toll is so bad that some victims seek assistance from the government while they recover, this is an indicator of the potential magnitude of the hardship felt by the victim. ( Weisbaum, Herb 2014).

Secondly, identity theft can have a social impact on their victims in that one can be targeted through social media accounts once the identity thieves gain access to their victim’s personal information like the passwords to their email addresses or social media accounts. Whether one depends on social media for keeping in touch with family or friends or for marketing your products or advertising, the hackers could ruin one’s reputation and even put your job at risk if they gain access to their victims social media accounts as they may use that account or even open fraudulent accounts using your details and post illegal items while impersonating their victims. This can have lasting and dire consequences or impacts on the victim as this may lead to loss of jobs and even breakups in marriages and relationships not forgetting the stigma from the society at large. ( Giles, Jim (2010)

Emotional impacts can also be felt by the victim in the long run. Even though the impact is less obvious, identity theft can trigger emotional reactions from the victim with anger being the first feeling after which other long term emotions follow. For instance if the identity theft involved a crime it can interfere with your job search as the criminal record in the background check done by employers may affect your employment opportunities and also feelings of self-worth.

Lastly, identity theft also impacts the victims physically in that one could be arrested if their personal information was found in a scene of crime. This can be a very stressful ordeal because it may take some time before one can clear their name plus the consequences of this can last for a long time. For instance the arrest records can affect your job search as they will always be seen during the background checks; one could lose their jobs due to the arrest records and even your home in case the credit mortgage is affected.

In conclusion, Identity theft is a silent crime but with serious and long terms negative impacts on the victims. The negative impacts usually depend on the kind of identity theft that one is faced with. For instance if the identity theft was used in financial crimes then the victim tends to suffer financially and later on other impacts may follow or if the identity theft was targeting the victim’s social life then the victim will be affected socially and later the other impacts may follow. In addition the identity theft may be so serious to the extent of involving the authorities. Therefore identity theft being a crime as any other should be handled as such and dealt with plus measures put in place to deal with them in the near future.

Cyber Crime And Society: Identity Theft

In the 21st century Cyber Crime has become one of the biggest form of crime in the world. It’s a cowardly act of crime which can be performed from across the world. An article by (“The True Cost of Cybercrime? $5.2 Trillion Apparently.” Information Age, 21 Jan. 2019, www.information-age.com/cost-cybercrime-123478352/.) estimated that cyber crime could cost companies world wide over 5.2 trillion dollars over the next five years. However this is a estimated number as finding exact dollar amounts in cyber crime is very difficult because a lot of thefts aren’t reported. One of the largest forms of theft in cyber crime comes in the form of identity theft, which “use of an individual’s personally identifying information by someone else (often a stranger) without that individual’s permission or knowledge. This form of impersonation is often used to commit fraud, generally resulting in financial harm to the individual and financial gain to the impersonator.” (Radin, Tara J. “Identity Theft.” Encyclopædia Britannica, Encyclopædia Britannica, Inc., 1 May 2016, www.britannica.com/topic/identity-theft#ref1192813.)

Identity theft is usually targeted towards a specific individual. Criminals will usually target someone and try to gain any type of public information from online and social media accounts such as a person’s phone number or address, and if possibly an confidential information, such as a person’s Social Security number, credit card numbers which can help the perpetrator take your identity more easily. Criminals have a lot of interest in social security cards, because social security numbers aren’t updated, criminals can wait years to use it to steal someone’s info. By acquiring access to that information, an identity thief can impersonate someone else to commit fraud. Most forms of identity theft are revolve around financial gains, some will gain access to personal accounts and then use that to gain a ransom from you in exchange for it back. In 2017, 7 million people experienced some form of identity theft according to a survey by Harris Poll in 2018, and happens regularly, every 2 seconds a person was victimized somewhere in the world. (Preventing Identity Theft: 21 Rules You Must Use.” Identity Theft Handbook, 2015, pp. 295–311., doi:10.1002/9781119203162.ch20.)

Stealing peoples personal information has made has made huge strides since the start of the millennia. The older and simpler way of stealing information by criminals included techniques such as stealing mail, dumpster diving for information, eavesdropping on conversations which is referred to as shoulder surfing by some people, or just theft by unlawful taking. People even went as far as taking information from deceased individuals by collecting information tombstones. With the huge strides in technology in the past 20 years, more and more people are relying on phones and computers to do everyday tasks, cyber crime criminals have grown with it. Instead of dumpster diving for or eavesdropping on people for information, criminals can simply take someone’s personal data without leaving their house.

Criminals have gotten very clever now using techniques such as skimmers which are essentially copy machines that are placed on ATM card readers which collect all of your card information when using the ATM. (Kagan, Julia. “Skimming.” Investopedia, Investopedia, 12 Mar. 2019, www.investopedia.com/terms/s/skimming.asp.) Other methods include spam which can be in the form of a banking website or shopping website which usually asks you to update information and collects your data that way. Personal computers are also a big target for cyber criminals which can access all of your files and personal info without authorization. Much of these can be avoided if you are just smart about your information. Cyber Criminals mostly depend on people being ignorant to these types of techniques and much of these can be avoided if you just look for them. Skimmers are often a replica of the card slot itself that fits over the card reader and can be popped on and off. So the next time you use a ATM just give a small tug on the plastic part of the reader, skimmers can be easily found and removed if you know what your looking for.

By being safe and cautious about these forms of theft can save you a ton of time in the end. In 2017 it was estimated that 140 million hours were spent of identify theft victims trying to regain and fix their information. Identity theft was ranked the number 1 consumer complaint in 2014 for the 15th year in a row. This is due to the hundreds of thousands of data breaches to large corporations each year. Criminals will steal hundreds of people’s information from the corporations data base. Large corporations tend to not share this info with the public and their consumers because it makes them look weak and shows that they can’t protect their customers info. It cost roughly 4 million dollars for each data breach that occurs. This is from either rein-busting customers or trying to upgrade the software to help better protect from it happening again. (Irimia R, Gottschling M (2016) Taxonomic Revision of Rochefortia Sw. (Ehretiaceae, Boraginales). Biodiversity Data Journal 4)

Impact of Identity Theft Insurance on Risk Perceptions

Abstract

A survey was conducted to examine the impact of identity theft insurance on consumer risk perceptions and intentions to engage into risky behavior. The results show that identity theft insurance, as a curative remedy, does undermine individual risk perceptions of being potential victims of identity theft. In addition, we also demonstrate that having identity theft insurance surprisingly increases consumer intentions to involve into activities that could put personal identity at risk. Identity theft insurance, which is believed by consumers to protect their identity, does have unintended impacts with negative consequences for consumer welfare.

Keywords: Curative remedy, identity theft, identity theft insurance, risk compensation, risk perceptions, risky behavior

Does Identity Theft Insurance Undermine Risk Perceptions and Increase Risky Behavioral Intentions?

1. Introduction

Identity theft, as the act of taking someone’s personal information to gain financial advantages,[footnoteRef:1] has become one of the most ubiquitous worldwide crimes in recent years. In 2017 alone, United States has more than 15.4 million victims of a total cost of $16.7 billion[footnoteRef:2] loss. The concerns and problems caused by identity theft to consumers go far beyond the direct money losses they bear. For instance, identify theft may upset the victim’s ability to rent an apartment, apply for a new loan, or even get a job. In some extreme cases, the stolen identity might even be used by the thief during a police arrest. [1: Examples include but not limited to stealing from bank accounts, obtaining unauthorized bank loans, establishing insurance policies, and opening unauthorized credit cards.] [2: Source: Insurance Information Institute (I.I.I.)]

As one of the unfortunate facts of our modern life, identity theft does happen. There are some methods can be used to reduce the chance to be the victims of identity theft. As suggested by the Federal Trade Commission, consumers should develop a routine to check their credit reports from three bureaus and statements from banks or credit card companies.[footnoteRef:3] Meanwhile, many consumers turn to identity theft service by purchasing identity theft insurance from the market. The cost of identity theft insurance typically ranges from $25 to $60 per year and may provide benefit limits up to $15, 000.[footnoteRef:4] While identity theft policies are in fact insurance products just like other insurance policies on the market, they often don’t align with what consumers traditionally perceive as insurance. [3: Source: FTC Consumer Information: https://www.consumer.ftc.gov/topics/identity-theft] [4: Source: National Association of Insurance Commissioners (NAIC).]

Unlike traditional insurance policies such as health insurance or homeowner insurance, identity theft insurance policies don’t cover any direct monetary losses due to identity theft activities. The policies only provide coverage to pay for the incurred costs to legally restore a victim’s identity. For example, the policies may cover expenses such as attorney fees, lost wages, notary cost, and even credit monitoring services. In spite of that, consumers commonly misinterpret the true coverage and believe that all future financial losses caused by identity theft activities would and should be covered. Such perceived misconception of identity theft coverage may not only create complaints or disputes between consumers and the insurance companies after financial losses occur but may also affect consumers’ perceptions of the identity theft risk they may face and further their individual behaviors toward such risk. From consumer welfare perspective, we are curious to know whether consumers with identity theft policies tend to exercise less care to protect their own personal information and more likely to engage into risky activities to jeopardize their identity.

The purpose of this research is to investigate the impact of identity theft insurance on individual risk perceptions and risky behavioral intentions. To our knowledge, the literature of identity theft insurance is not mature. Most paper only discuss the prevention or mitigation of identity theft. There has been little systematic effort in consumer behavior or insurance decision-making to study identity theft policy. This paper is the first one to address such gap and contribute to the current literature by discussing identity theft policy as a remedy insurance product with the boomerang consequences on risk perceptions and, in turn, consumer behavioral intentions.

Even though the traditional method to reducing risk mostly emphasizes the promotion of curative remedies which address the incurred risk by reducing the severity of the outcomes, this research examines whether identity theft insurance, as a curative remedy promoted by the insurance industry, has any unintended consequences that may reduce risk avoidance by consumers. That is, does identity theft insurance negatively affect consumers’ risk perceptions toward the risk and boost risky behavior among consumers?

We address this research question by conducting a consumer survey. Participants of the survey were introduced to the identity theft insurance product and their hypothetical purchase decisions were made. All participants were required to response to a list of survey questions reflecting their overall personal risk perceptions and shopping behavior toward the identity theft. By using the data collected from this survey, we were able to elicit and estimate subjects’ risk perceptions toward identity theft and also their intentions to engage into risky online shopping activities which may endanger their personal identity.

We observe that identity theft insurance, as a curative remedy insurance, does undermine our subjects’ risk perceptions of being the victims of identity theft. In addition, having identity theft insurance surprisingly increases the subjects’ intentions to engage into more risky behavior that could put the personal identity at risk when shopping online. The survey subjects appeared to be poorly calibrated regarding the true characteristics of the identity theft policy and were more willing to trade away some of the protection from the identity theft insurance by expressing their willingness to participate into much riskier behavior.

The findings in this paper are significant from consumer welfare perspective since identity theft insurance may harm those consumers who are most in need of help to protect their personal identity. In such case, not only consumers bear the cost of negative consequences of their riskier behavior due to identity theft insurance, society as a whole also does. Our research provides valuable and deep insights for consumers, marketers, and government agencies to understand identity theft insurance. With more identity theft policies sold on the current market, by illustrating unintended negative boomerang effects of this product on consumers, this paper raises important consumer education needs and possible regulatory issue regarding the marketing of this product.

This paper proceeds as follows: Section 2 reviews the existing literature and introduces the theoretical foundations. Section 3 develops testable hypotheses. Section 4 outlines the method and the estimation procedure used to test the hypotheses. Section 5 discusses the results and section 6 offers the general conclusions.

2. Literature Review

Identity theft is a relatively new and serious phenomenon. As a result, a stream of literature focuses mainly on the cause and prevention of identity theft. Milne (2003) designed an exploratory study to measure the behavior self‐reported by college and non-college students on more than ten identity theft preventative activities that were recommended by the Federal Trade Commission. By analyzing the data from the survey, he examined how well consumers have adopted practices that have been suggested to reduce the risk of identity theft. Milne et al. (2004) reported findings from 3 consumer surveys that were used to indicate that consumer tendency to protect oneself from online identity theft diversifies by population. They examined factors such as attitudinal, demographic, and behavioral characteristics that predict the propensity to protect online identity and privacy. Newman and McNally (2005) suggested that research is in need of assessing the issue of reporting and recording identity theft by law enforcement. Hoofnagle (2005) indicated from a legal perspective that a thorough change to the framework of privacy is necessary when combating identity theft. A fix was proposed in the paper to address the slack credit granting practices by changing the default state of credit reports from its current liquid state to the frozen one. Sauer (2006) investigated consumer attitudes toward willingness to pay for security features due to the identity theft and found that a large number of identity theft victims are actively considering security freeze legislation. Anderson (2006) examined the correlations between a consumer’s demographic characteristics and the likelihood of being the victim of any identity theft activities by using the survey data collected by the Federal Trade Commission. His paper found out that young women with relatively higher household income appear to have higher probability to experience identity theft. Using a panel data from the Federal Trade Commission, Romanosky et al. (2011) investigated whether the adoption of data breach disclosure laws may efficiently reduce identity theft caused by data breaches. Lai et al. (2012) studied conventional coping and technological coping behaviors consumers exhibited when fighting identity theft. Their results illustrated that both these two coping behaviors are effective to defend against identity theft.

Researchers since then direct their attentions to the identity theft impact on consumer welfare. Hille et al. (2015) developed a scale to measure the consumer fear of online identity theft and discussed how such fear contributes to the side effect of e-commerce. Kahn and Linares-Zegarra (2016) discussed how identity theft has affected consumers’ payment choices. Their paper showed that particular types of identity theft incidents have a positive and significant effect on the probability of consumers’ adoption of checks and online banking bill payments. Drawing on the coping literature, Li et al. (2019) studied identity theft victims’ responses and antecedents to the responses. By using a survey of 197 identity theft victims, they demonstrated that perceived victimization severity due to identity theft has a positive impact on perceived distress and, in turn, a positive impact on the behavioral responses.

In the field of consumer research, traditional models argue that risk remedy attempts to discourage risky behavior by amplifying the negative consequences from the perceived risks of the behavior. Floyd et al. (2000) illustrated that increases in both threat appraisal and coping appraisal apparently have positively reinforce more protective behavior. Risk appraisals as key determinants of decisions and actions were tested by Sheeran et al. (2014). They also found that heightening risk appraisals do change consumer intentions and behaviors. When anticipatory emotions or perceived severity was increased, the heightening risk perceptions had relatively larger effects.

Compared to traditional models, research in risk compensation have presented evidence to suggest that risk remedy may have unintended negative consequences that in fact harm consumer welfare (e.g., Rogers and Greenfield 1999). Bolton et al. (2006) proposed a conceptual framework to discuss how the impact of remedy on the individual risky behavior could be moderated by this individual’s current relationship to the problem domain. They explained that the marketing of remedy messages may undermine risk perceptions as consumer problem status rises while the risky behavioral intentions rise. Bolton et al. (2011) used two experiments to demonstrate the negative impact of the marketing of debt consolidation loans on consumers who have mounting debt problems. They argued that debt consolidation loans which offers a financial remedy to consumers actually overstated the short-term benefits. A financial literacy intervention was discussed in the paper to assist marketing financial remedy products.

3. Hypotheses

3.1 Risk Perceptions

Research on persuasive messages to curb risky behavior has been premised of the theoretical framework that curative remedies attempt to reduce risky behavior by heightening the perceived risks of a behavior. For example, drivers will be told by their insurance agents that the chance for any drivers involving into car accidents are very high and they can be personally responsible for any financial losses caused by bodily injury or property damage. Floyd et al. (2000) indicated that consumers who purchase insurance products increase their perceived effectiveness of protective behaviors. Based on this framework, it suggests that individuals with identity theft coverage should be more conservative and risk averse when evaluating the possible exposures to the identity theft.

Approach to reducing risk by using insurance products as curative remedy focuses on mitigating risk by decreasing the severity of the consequences. For example, auto insurance offers to help drivers reduce the severity of financial losses due to auto accidents. In contrast to the previous framework, risk compensation research that has analyzed aggregate behavior suggests that risk compensation exists in various remedies (e.g., Calkins and Zlatoper 2001) and the remedies may have unintended outcomes that harm consumer welfare. Individuals who are covered by insurance may have misconception that they are protected from any possible financial losses and hence become more confident when assessing their risks. According to this risk compensation theory, individuals with identity theft coverage are more likely to have their perceived risks toward the identity theft reduced or eliminated. That is, identity theft insurance may have negative impact on individual perceived risks to be the victim of the identity theft. Specifically, this leads to the following prediction for the risk perceptions:

Hypothesis 1: Identity theft insurance undermines individual risk perceptions.

If supported, this finding would demonstrate the unintended effect of identity theft insurance on consumers. By purchasing this insurance coverage, consumers increase their perceived effectiveness of the protection from the policy and, thereby, reduce the perceived risks associated with the identity theft.

3.2 Risky Behavioral Intentions

A vast of literature (e.g., Ganderton et al. 2000) on insurance purchase decision-making argues that risk averse individuals would purchase insurance and undertake all relevant precautions to the extent that the extra benefits from such actions exceed the marginal costs, less some risk premium in the case of risk aversion. If this argument is supported, risk averse consumers who are willing to pay for identity theft insurance should be more risk averse and behave more cautious and prudent. We then expect to see less engagement in the risky behavior.

Meanwhile, risk compensation from consumer research argues that a curative remedy, such as insurance policy, reduces the costs or risks of a target behavior and people may trade away some of this gain in safety and engage in riskier behavior (Bolton et al. 2006). To illustrate, drivers with auto policy are likely to perceive that policy may lower the risks and relevant costs of auto accidents, which could encourage risky driving behavior. From a moral hazard perspective, just as people may take less care of their health once they have health insurance (Zeckhauser 1995), some consumers appear less risk averse when remedies are available. Under such framework, identity theft insurance may encourage risky behavior that could put the consumer’s identity at a risk. Specifically, this leads to the following prediction for risky behavioral intentions:

Hypothesis 2: Identity theft insurance increases individual risky behavioral intentions.

Due to the misconception of identity theft insurance and the exhibition of misprocessing behavior, consumers who are protected by this insurance products becomes less care or aware of identity theft scenarios around them in the market. All incurred possible losses due to identity theft are misbelieved to be covered by their identity theft coverage. These individuals tend to be more willing to take risk compared to those who are not covered by the identity theft insurance partially due to.

4. Method and Estimations

Most literature study risk behavior use either survey or experiment to collect data (Outreville 2014). In this paper, we conducted a consumer survey to test our hypotheses related to the impact of identity theft insurance on individual risk perceptions and intentions to engage in risky behavior.

College students were recruited as participants for the survey. One of the main reasons to have college students as our subjects is that they appear to be high in problem status of identity theft because of their daily internet and financial behavior according to U.S. Department of Education.[footnoteRef:5] [5: U.S. Department of Education 2004. www.ed.gov/about/offices/list/oig/misused/idtheft.html.]

The survey consisted of two phases. In the first phase, participants read written introductory information about the risk of identity theft. Then they were given the opportunity to decide whether they would like to buy the identity theft insurance which was described as the insurance coverage to reduce the consequences of identity theft at a fair price. In the second phase, all participants responded to a series of questions rating their overall personal risks on a five-point scale. They were asked to weigh in their concerns regarding the financial risks of identity theft and how likely for themselves to be the victims of identity theft activities. Next, participants were instructed to imagine themselves using their personal credit cards to shop online for a friend’s upcoming birthday gift. Participants were asked to indicate and rank their preferences on three different shopping websites that vary in terms of the amount of personal information requested and collected.

Participants who indicated their willingness to buy identity theft insurance in the first phase were initially instructed to “assume that you have identity theft insurance” and then answered the survey questions in the second phase. Meanwhile, participants who showed no interest to buy identity theft insurance answered the exactly same set of questions but without the assumption of having identity theft insurance. Individual demographic information such as age, gender, household income and smoking behavior was also collected from the survey.

To measure the impact of identity theft insurance on individual risk perceptions, survey question related to the financial risks (Financial Risk) was used as the dependent variable in our model. The Financial Risk was scaled as “Not at all concerned (1)”, “Slightly concerned (2)”, “Somewhat concerned (3)”, “Moderately concerned (4)”, and “Extremely concerned (5)”. Since ordinal responses as dependent variables were involved in the model, the ordinal response regression model provided better ways of estimating parameters using the maximum likelihood method. The general form of the model is , where is a cutpoint. Independent variables used in the model included participants’ characteristics (e.g., gender, age, income level) and their decisions to have identity theft insurance coverage from the first phase of the survey.[footnoteRef:6] Further, to verify the impact of identity theft insurance on risk perception, another dependent variable, Victim from the survey question of being potential victims of the identity theft activities, was also used to replace “Financial Risk” in the model. [6: Decision to buy identity theft insurance was coded as follows: Yes (1) and No (0).]

To examine the impact of identity theft insurance on risk behavioral intentions, three survey questions related to the subject’s willingness to provide social security number or mother’s maiden name and use any unsecured websites when doing online shopping were used as dependent variables respectively to elicit the risky behavior subjects might be intended to exercise. They were scaled as “Would not buy (0)”, “Might or might not buy (1)”, and “Definitely buy (2)”. Participants’ characteristics and their decisions to have identity theft insurance coverage were also used in these models as the independent variables.

5. Results

Model 1 captures the significant impact of having identity theft insurance on perceptions of financial risk consumers may have due to identity theft. The dependent variable Financial Risk was defined as five different levels of concerns.[footnoteRef:7] As the results from Table 1 illustrate, the variable Id Theft Policy is significantly negative at the 1% level for both logit (Model 1a) and probit (Model 1b) assumptions. Examining the results from Model 1, we find support for our hypothesis H1, suggesting that identity theft insurance does undermine our participants’ risk perceptions. When being asked to rate their personal concerns regarding the financial risks of identity theft, participants who chose to be covered by identity theft insurance in the survey were more likely to be less risk averse compared to those who chose not to have identity theft insurance. [7: The levels of concern were coded as follows: Not at all concerned (1), Slightly concerned (2), Somewhat concerned (3), Moderately concerned (4), and Extremely concerned (5).]

Identity Theft as a Social Problem: Analytical Essay

Identity theft has become a significant problem in today’s society. In fact, advanced technology has made the situation much worse. Millions of people are affected by identity theft daily. A recent report by Consumer Sentinel Network (CSN) states that in the year 2018, 440,000 people experienced this kind of theft, with college students accounting for 40% of the people affected (10). Most college students do not have enough cash flow to permit ownership of different accounts making them less at risk of identity theft; however, this does not exclude them from being targeted. College students need to protect themselves from identity theft to avoid getting associated with false tax returns, losing valuable money, avoiding damaging their reputation, and avoiding getting involved in criminal activities.

One of the main effects of identity theft is losing large amounts of money, and getting a bad credit report. This usually happens when a person steals personal information and is able to access unlawfully, the victim’s personal accounts, in the event, they have money they are wiped clean. Alternatively, personal information obtained illegally can be used to set up other credit card accounts. Then the person involved will proceed to take on loans and make purchases of large amounts of money that the student might not even be able to afford. According to the Justice Department Bureau statistics, an estimated 7.7 million people reported fraudulent use of their credit cards in the year 2018 (Baird, para 2). This kind of identity theft is associated with friendly fraud, which occurs when new roommates or friends steal IDs or target phishing expeditions on their roommates or friends (College Students Protect, 618). Because of the nature of college (interacting with people quite often), students should protect their personal information at all costs to avoid getting into bad debts so early in life; because they are most susceptible to this kind of fraud than any other group.

When people steal personal data, most of them use them in all kinds of activities including engaging in criminal activities using the victim’s names. Hackers know that college students are not careful when it comes to their personal information especially. Most students leave their laptops and IDs unsecured, therefore, to steal personal data such as social security numbers, among other important documents to engage in criminal activities (College Students Protect, 618). Leaving passwords vulnerable in personal laptops can also lead to breaches of security. Personal information may then be used to conduct illegal activities at the expense of the victim. The worst-case scenario is when the victim has no idea that someone else has stolen their identity and is carrying out illegal activities in their name. So, there this may go on for years without the knowledge of the victim.

A good example of this is when the hacker uses fraudulently acquired personal information to create bank accounts that transact money removed from other people’s accounts. Therefore, the account names reflect in criminal records; can be problematic to the victim especially when it comes to looking for a job after graduating. It leads to a scenario whereby the victim is unable to secure a job because of a criminal record he/she knows nothing about. To avoid being involved ending up with a criminal record that they don’t know anything about, college students should be cautious when it comes to their SSN, IDs, and their financial statements. Victims can find themselves in trouble with the law, and certain cases might be hard to prove. At times the victims find themselves incurring costs associated with legal fees before the matter is solved and the victim proves his/her innocence.

Identity theft is not only restricted to the misuse of personal information; it can also entail hacking and taking over social media accounts. When a social media account is hacked, it may be hard to take it back, and this can lead to a series of events where the hacker uses the account to spread false information and ruin the victim’s online reputation. It may even be worse when the hacker creates a false profile and starts posting negative things- such accounts are hard to delete, and this can have disastrous consequences. The stress of experiencing identity theft can impact the victim’s life negatively; it can cause emotional instability leading to the disintegration of relationships between the victim and the people in their lives Especially in situations whereby there is no way of managing these social media accounts. All these issues can be avoided if college students take the initiative to secure their social media accounts rather than end up with the problem of securing a job upon graduating.

Tax identity theft has been on the rise for the past three years. It usually occurs when someone uses compromised information to apply for a tax refund and then take the money (How to Prevent). Victims of tax refunds are typically subject to imposter scams, data breaches, stolen mail, and phishing scams (How To Prevent). This form of identity theft can land the victim in a lot of unforeseen trouble once the tax refund is recalled. It can affect personal savings, and any other assets the victim owns. To avoid instances where on completion of college the student is engaged in a legal battle with tax authorities or has to pay up the refund, extreme care should be carried out, especially when it comes to opening any links or files online.

In summary, this is the age of innovation and there is room for more technological innovations globally. With technological advancement comes the risk of identity theft and fraud. College students are not exempt from such activities they should protect themselves from identity theft to avoid losing money, be engaged in legal battles and to avoid ruining their reputation. There are several ways in which this can be done i.e. avoid sharing the nine-digit SSN, use strong passwords and do not leave them vulnerable, and lastly when transacting online only providing financial information on secure sites. If these practices are implemented, most students would be safe from losing money and getting scammed.

Work Cited

  1. Baird, Joselyn. 4 Ways Identity Theft Can Impact Your Life. Next Advisor. Retrieved from: https://www.nextadvisor.com/x-ways-a-theft-can-impact-your-life/
  2. How to Prevent Identity Theft on College Campuses. safety team. Retrieved from: https://www.safety.com/prevent-identity-theft-college-campuses/
  3. Million Fraud Reports. Consumer Sentinel Network. Retrieved from: https://www.ftc.gov/system/files/documents/reports/consumer-sentinel-network-data-book-2018/consumer_sentinel_network_data_book_2018_0.pdf
  4. WW. “College Students: Protect Yourself from Identity Theft” pp. 618-619

Issues of Identity Theft: Analytical Essay

Imagine Mrs. Smith is sitting down at her desk, logging into her bank account only to realize that someone has stolen all her savings. She begins to look into her transactions showing purchases made at stores she has never visited. This is one type of identity theft. Identity theft is someone who deliberately steals another person’s identity in order to gain financial advantage, obtain a line of credit or any other benefits. When a criminal hacks into a person’s finances, or personal information, this allows the criminal to become the victim. Permitting them to make unauthorized purchases or banking transactions. Identity thieves will also pass along the victim’s information to other criminals in other countries. Often with identity theft, it will take a tremendous amount of time to repair the damage that has been done. This paper will discuss the history of identity theft how identity theft affects a person and the legal portion of identity theft.

Since the arrival of the internet, the methods in which attackers obtain an individual’s identity have become harder to identify from what is fake to what is legitimate. Some emails or phone calls that contact people are becoming progressively more difficult to identify as real or fake. Some of the major ones are when the cell phone carrier calls and states that the account information has changed and they would like you to verify the account to ensure it is a fraud. This seems to be the new scam today is criminals pretending to be these major companies and asking for account information. According to Lifelock Company, tax, medical, and synthetic identity theft are just a few that are ways people are becoming a victim. Today criminals are calling or texting to pretend to be the IRS and asking for information, they even go to using threats that the person will be in legal trouble with the IRS if they do not respond to this within a certain time frame. Medical identity theft takes place when a criminal uses your health insurance to be given medical care resulting in unpaid medical bills in your name. The other impact of this is that when a person pretends to be you and sees a doctor your record could be updated with the other individual’s health information potentially hurting your health. A final example is synthetic identity theft is when criminals use fabricated data to create a fake identity and open credit card accounts, they will use your social security number but put a false address which will not show on your credit report (Porter, 2020). Synthetic identity theft is the hardest to catch due to not seeing this information on your credit report leaving the person unaware of the accounts being taken out in their name for years. Synthetic identity theft primarily harms the creditors who unsuspectingly grant the fraudsters credit.

Children’s identity theft is a tempting target for theft because it can go undetected for years (Child Identity Theft | TransUnion, 2020). An impostor can be a family member, a friend, or even a stranger who targets children. When your child is born you want to protect them from the world physically and emotionally as a parent every day. The one thing that parents do not think of is their own Child’s social security number being used by someone else. Today children that are in foster care are more likely to have their identity stolen due to the nature of being moved from one foster parent to another and having personnel information known to the foster parents. Just like companies, school databases are subjected to breaches as well as increasing the likely hood of a criminal stealing a child’s social security number and using it to open accounts and loans in their name even obtaining a driver’s license. When a child’s identity is ruined through criminals acting as them and taking out credit card loans or using it for tax fraud it affects them either weeks, months, or even years down the road. If the parent is not actively looking at the child’s credit report it will increase the chance a criminal will have used social security to ruin the child’s future. The Child will have not known this until they have gone for a job interview, asked for a loan, or even tried to obtain a cell phone carrier.

How information is obtained. Identity theft is not something that was developed overnight, it has been an ongoing issue since before the internet was developed. From 1960 to 1980 identity theft was accomplished through someone calling claiming the person won the lottery or gifts, the victim then would give the scammer their personal bank information or social security number (Hur, 2020). Hence, allowing the criminal an opportunity to steal the other person’s identity and to clean out their bank account. A term called “ghosting” has been used when an individual would assume another person’s identity through either death or murder and wanted to start over with a new life, criminals would use this when trying to hide from the law or to escape from their own specific life in trying to start over. Another way was that people would go through someone’s garbage looking for bank statements and credit card offers or other information used to establish identity. Emails can be a doorway into your computer if you are not screening them properly and opening them up without verifying first if the email being sent from the person is legitimate. These emails can look exactly like the genuine thing from either a bank or IRS. When a person gives their information to these fake emails it’s called phishing and within minutes the criminal has the information needed. Criminals have other methods for obtaining information using malware, keystroke logging and other forms of spyware. Over time the means and process that people would go through to find ways of gaining access to a victim’s information evolved and the criminals became cleverer. Either through the use of computers, social media, calling, or through the post office, criminals are determined to find ways to get what they want in the long run.

Victims do not realize they are until it affects their lives and they are being contacted by various financial institutions. There are indicators to show that you have been a victim of identity theft. Some of the common ones are seeing charges in your accounts or withdrawals that you did not do and receiving credit cards that you did not apply for. One major one is when the person notices their credit score drops significantly giving them a good indication something is wrong. When someone is actively monitoring all accounts in their personal life they can effectively stop thieves from taking their information and money from them.

There are a variety of ways to protect yourself and your family from identity theft. Some significant ways to be proactive in protecting information is to, keep your personal devices updated with the current anti-virus, spyware, and phishing software (How to protect yourself from Identity Theft, 2010). Today some people open an alternate email address and use it as their junk mail for unwanted solicitation from businesses, offers, credit cards, and spam. Look at your personnel information on all your social media accounts and take off anything that could be used as a potential insight to gaining access to accounts, such as birthdates, mothers’ middle name, place of birth, address, sports team, and telephone number. Try not to use passwords to accounts that have your name in them or a specific date, make them unique and over eight characters. Always review your personal information on the credit report and challenge anything that looks inaccurate with the three credit bureaus. Having a cross-cut shredder at home is another great way to keep your documents safe from people going through your garbage. Ensure you shred all statements, credit card offers, and cash offer loans from the mail. Even using the ATM or gas station pump, criminals have found a way to scan your credit card to pull your information and have access to your money within just yards away from you. In just a few minutes before the victim can even realize that their money is gone, it will be too late and the victim will have to dispute it with the bank or credit company. Also keeping personal documents in a safe to prevent a burglar from obtaining information about you is another preventative measure. With identity theft becoming a greater threat to families there have also been more tools for people to use in combating someone from stealing information. The Federal Trade Commission has a tremendous amount of information for people about how to take identity theft in steps when or if it happens to you.

Today over millions of people are victims of this crime. It affects children, adults, and even seniors. It knows no age, gender or race. According to Harrell, Ph.D., and Langton, Ph.D., (2013) credit cards account for 40% and financial transactions account for 37% of identity fraud. This is a costly crime that is in the billions for direct and indirect losses. Many people fail to realize they have become a statistic until it is too late, the damage has been done depending on how long the crime has been committed. A person who tries to qualify for a mortgage will be denied because of poor credit, or the debt-to-income ratio is high due to identity theft. The thief can even go after one’s retirement account causing them to have no investments for the future.

Depending on the length of time for the victim to dispute the incident and have the service provider investigate it, the victim may not have the money to pay simple bills in the meantime due to the retirement account being drained. Draining a child’s future education fund that a parent has worked hard to save up for years is another tremendous loss, especially if the child is actively going to college and depends on the money saved from the parents to continue their education. Sure, this has a huge financial impact on an individual but what about the person’s mental well-being? Anger is the first feeling that victims may experience in such instances. But after recovering from the initial shock, other challenging and long-term mental stress may show up (Tank, 2019). Families have been destroyed when a criminal takes everything from them that they both have worked so hard for. Regret and blame sometimes can play a factor in it along with suicide, the victims start to believe that they caused this or the other person’s spouse caused this. Having your identity stolen in today’s workforce and not knowing will have a significant impact on one’s career. Companies see it as if you’re irresponsible about your finances then why should they hire you, when that is not the case? This type of crime not only has an effect on the victim but the victim’s family, especially if there is no action taken to stop or correct the crime.

As identity theft continues to be a national issue to businesses and people what happens to the individual who gets arrested for committing a crime? Catching a thief is not as simple as catching a burglar or a person who committed armed robbery. These thieves are sometimes are not even in the country and when it happens it is difficult for the thief to be identified in order to be arrested. Yet when it comes to actually catch a thief the United States is lenient when it comes to committing this crime depending on what the severity of it is. As per U.S. Code, a person who knowingly transfers, possesses or uses another person’s identity is sentenced to two years, but if it is found to be a terrorism offense the imprisonment is five years (18 U.S. Code § 1028A – Aggravated identity theft, 2020). The use of the dark web has made it a profitable marketplace for thieves to find and obtain people’s information and use that information within minutes around the world.

The importance to make sure that any business and personnel accounts are protected is without a doubt a tremendous task but is one that needs to be improved to ensure information is not used without permission. A person should read their credit, and bank statements carefully and frequently. Make sure to shred any personal or confidential information. In 2016 over 134,000 U.S. Sailors, personal data were compromised due to a laptop by a Navy Contractor being breached (Blake and Martinez, 2016). This data breach contained Sailor’s names, addresses, and social security numbers. The scope of this data breach is small compared to the immense cyberattack on the federal government back in 2015.

With all these data breaches and people having their identity taken continues to teach us all on fresh ways of protecting information. No system will ever be perfect, but as these attacks happen new ideas are created and lessons are learned to improve the reliability of the infrastructure. This project is worth taking the time and ensuring that we understand how and why attacks happen to an individual or a company. People and businesses are not just subject to attack just by random chance, these attackers have screened or looked into something and decided it is worth going after this person or company. Think of it as a burglar, most people do not think when you are driving down the street that the guy in the car next to you sees that expensive watch you are wearing and follows you or gets your license plate. A burglar and an identity thief are the same people, they have something you want and will do anything to make sure they can take it. When burglaries started to become an issue, people decided to install security systems in the house to prevent break-ins. Information Security is the same thing when it comes to personal information for business and home computers. Trust, trust is what people want when they purchase something online from a company hoping the information provided is secure and nothing will happen with it.

According to the consumer affairs website for the 2020 identity theft statistics, there has been an increase in identity thefts affecting seniors, Children, and Military members. Looking through this data it shows the following has increased, form jacking 117 percent, new account fraud 13 percent, and account take over 79 percent (Douglas, 2020). This data depicts the elderly who are on a fixed income and who are more trusting, to children that do not even know how to look up their social security number potentially damaging them early on. The military members are affected and the family when the service member is gone for lengthy periods. The one thing that is set in stone is that the attacks are not getting any less nor are they improving. The ethics behind attacks and people having their names ruined by offenders can be devastating. Let say you own a business or running for an important position within the community. If your name is being used in a negative term by someone who stole it, then the problem becomes more than just money. “The illegal use of someone else’s personal information (such as Social Security Number), to obtain money or credit” (‘Definition of IDENTITY THEFT’, 2020).

References

  1. Blake, P., & Martinez, L. (2016). Navy Says Personal Data of Over 134,000 Sailors Was Hacked. Retrieved 14 March 2020, from https://abcnews.go.com/US/navy-personal-data-134000-sailorshacked/story?id=%2043760770
  2. Consumerreports.org. 2010. How To Protect Yourself From Identity Theft. [online] Available at: [Accessed 14 April 2020].
  3. Definition of IDENTITY THEFT. (2020). Retrieved 23 March 2020, from https://www.merriam-webster.com/dictionary/identity%20theft
  4. Douglas, R. (2020, January 16). Trends and statistics about identity theft. Retrieved March 15, 2020, from https://www.consumeraffairs.com/finance/identity-theft-statistics.html
  5. Harrell, Ph.D, E., & Langton, Ph.D., L. (2013). Victims of Identity Theft, 2012. Retrieved 20 March 2020, from https://www.bjs.gov/content/pub/pdf/vit12.pdf
  6. Hur, J., 2020. History Of Identity Theft Protection. [online] Available at: [Accessed 14 April 2020].
  7. LII / Legal Information Institute. 2020. 18 U.S. Code § 1028A – Aggravated Identity Theft. [online] Available at: [Accessed 14 April 2020].
  8. Porter, K., 2020. 10 Types Of Identity Theft You Should Know About. [online] Lifelock.com. Available at: [Accessed 14 April 2020].
  9. Tank, c. (2019). What Are The Negative and Lasting Effects Of Identity Theft? – cFIRST Corp. Retrieved 26 February 2020, from https://www.cfirstcorp.com/negative-and-lasting-effects-of-identity-theft/
  10. TransUnion. 2020. Child Identity Theft | Transunion. [online] Available at: [Accessed 14 April 2020].

Types of Identity Theft and Issues of Social Engineering

Introduction

“Everything that you have access to, short of your own family, the identity thief masquerading as you has access to.” In his book, Stealing your life, Frank W. Abagnale precisely sums up the danger of identity theft in mentioned quote. What would you do if you woke up and find that you are being impersonated and that person committed a crime?

In a day and age where connectivity is key, data is extremely easy to access. The new currency of this generation has become data, I will give you a free coupon in exchange for your data. This doesn’t only happen on a personal level, but organizations and large companies are also taking part in this ‘data spree’. However, this abundance creates risk and elevates the possibility of danger in the world. Believe it or not, there are some people in the world that don’t have the best intentions and will utilize, even abuse, this to their own gains, even if it means hurting you.

Just like a person is born with an identity that is ever-developing, that same person creates a digital identity the very first-day s/he accesses the internet. With time, this digital identity becomes prey to people that thrive on abusing people’s data for their own.

In this report, we will define, discuss and highlight some terms like digital identity, digital identity theft, and its various types, and conclude by briefly talking about the ways to prevent this and stay safe.

Literature Review

In this literature review, be highlighting some key topics, as described and discussed by many authors and professors, about the digital realm and the dangers that our identities face on a daily basis. Every day we have access to the internet is another day the world gathers more information about us. This information is useful to many facilities and institutions, such as schools and hospitals, but in the wrong hands can be very detrimental.

Digital Identity

In the modern world, digital identity (or digital ID) is a very sensitive subject. This is mostly because the data or information of this person is usually built up over a span of years and contains many private moments. In the book Digital Identity Management, the authors describe it by saying “the Internet has been built up over the years as a space of unregulated freedom for the individual, where everyone is free to exhibit themselves, consume, educate themselves, have a social life, etc.” (Laurent, Bouzefrane, & Pomerol, 2015) From there, we can start to sense the danger that is to come, when they say the words exhibit and consume. By including consume in their description, this means that people will utilize content that is not theirs to begin with. Abagnale, in his book, described an experience where he would ask one of his students for his address and would be able by the very next morning, to extract 22 pieces of private information about him, his life, his parents, neighbors, financials and his job. (Abagnale, 2013) This is a petrifying thought that any random person, from one string of information, can find out almost everything about you. Since about 80% of birth certificates are processed online, your digital identity such as your name, address, weight and height are online before you leave the hospital. (Abagnale, 2013) Moreover, your data is most definitely of great personal value to you, but on the black market, it’s a rare commodity. Wrapping up the definition of digital identity, quoting Rob Cover in his book Digital identities: creating and communicating the online self “We are, in some ways, always performing ourselves online because even when we are nowhere near a digital communication device (which is now extremely rare), we leave traces all over the Internet, social-networking pages, blogs, Twitter, and other sites that are actively contributing to elements of our identity.”

Identity Theft

Identity theft is becoming a bigger dilemma and a more serious crime with time and the evolution of technology. (Whiting, 2013) Moreover, these crimes happen over the internet, so granted it’s easier to trace (thanks to IPs, cookies, and technology) but prosecution for the crime still remains unsolved. So, what is identity theft and where did it all start? Identity theft is somewhat of an old trade that has now massively developed with the help of technology. Back in the 16th century, when King Sebastian of Portugal went missing in a battle in Morocco and several imposters in Portugal tried taking his place by using methods of impersonation. In the 1930s a homeless Samuel Jones impersonated by “ghosting” the life of well-known actor Wallace Ford after finding him dead on a train. (Hur, 2017) Ghosting was the earliest form of identity theft, where imposters would wear a deceased person’s ghost and become them. Eventually, on his deathbed, Samuel Jones did admit his identity theft. This is just to prove that Identity theft is not a new cybercrime phenomenon, but an ancient technique in disguise and equipped with new technologies. “Cybercrime accounts for only 11 percent of actual identity fraud cases” (Sileo, 2010)

Type of Identity Theft

As we have read before, identity theft comes in all shapes and sizes. Some of them are armed with the most advanced technology and others prefer to go with the old-fashioned ways. Nonetheless, their goals are all the same: to use your identity or your information for there own personal or financial gains. With that said, let us dive into the realm by defining them.

Universal Identifiers

A system was put in place to create unique personal identification and to connect a person to their information easily. These cards, passports and documents were standardized in 1985. Unfortunately, with the evolution of technology, all of this data about people and their lives has shifted online. They are stored on servers are connected to the “Internet of things” which makes them accessible. Also, due to the lack of data transparency in the past years and the unknowing of where our data would go or be stored, many organizations and companies have decided to become more transparent by allowing by data visibility to users. “Unfortunately, with that knowledge, we must also accept that because the SSN is so heavily relied upon as an identifier, it is a valuable commodity for lawbreakers.” (Whiting, 2013)

Phishing

Phishing is one of the most popular ways of identity theft. Especially nowadays, it has converted from the old traditional way to online, real-time, and more aggressive than ever. “Bait” and “Hook” is also another way it is commonly known as. (Whiting, 2013) Phishing is when a scammer pretends to be someone else, selling a product, free e-book, or a lottery ticket. Once a user clicks on this replica website and enters the requested user data, this data is directly sent to the scammer. (Whiting, 2013) At this point, the scammer has obtained the required information and can begin using it for personal gain. The first motive that comes to our mind for someone to do this is the fast cash effect, however, if we move past this, we see that financial motive is just the tip of the iceberg and that other motives are darker and more twisted. (Hadnagy & Fincher, 2015) Delving deeper into phishing, there are several methods or ways where e-mail spoofing and website cloning. E-mail spoofing is basically when a scammer sends you a replica of a legitimate e-mail from your company, bank, amazon, or e-commerce website asking you to take a specific action. At the same time, the button included in the e-mail links to a replica webpage that the scammer has cloned, but is directly linked to their e-mail. Once a user views that e-mail, clicks on the button and enters their credentials on the “fake” website, that data is viewable to the scammer and at this time the scammer will access the website and take whatever information they deem of importance to them. (Hadnagy & Fincher, 2015) Phishing is a popular method that gets dispersed on a massive scale. “Hackers are creating these pages to look exactly like professionally crafted bank pages. So, it does have the look and feel and touch of your bank’s website. The text of the email is very well crafted. It looks like something Bank of America would actually send you.” (Whiting, 2013)

Spearphishing

A variant of phishing, spearphishing uses the same methods but personalizes ‘content’ to an individual. (Whiting, 2013) Another version of this is called Whaling, which is the exact same as spearphishing, with the difference that it targets top executives at large companies and high-net-worth individuals. (Whiting, 2013) Scammers that focus on both whaling and spearphishing put a lot of effort to personalize the e-mails that are being sent. Determined to perfect a replica an e-mail’s tone, vocabulary and aesthetics. (Whiting, 2013) This is commonly known as “going after the big fish in the company.” (Hadnagy & Fincher, 2015) And rightfully so, a hook while whaling could mean a major financial income for the scammer.

Social Engineering

The newest phenomenon in this generation is social media. With the abundant advantages that social media has offered us this generation such as constant connectivity, it has also opened a new door for identity thieves and scammers. Enter Social Engineering. FBI agent Alice Tsujihara gently describes it by saying “With social engineering, what you can do is you can use other people and resources and not necessarily have to go in through the front door hacking through a computer.” (Whiting, 2013) In this section of the report, we will extensively discuss this phenomenon outbreak, the stages, and ways to prevent it.

What is Social engineering?

In the book Unmasking the social engineer: the human element of security, Hadnagy et al. define social engineering as any act that influences a person to take an action that is not to their best interest. With the advancement of social media and the internet, the tools for social engineering are increasing. Social engineers target a person or an entity that they think they will be able to influence into gaining information from. Therefore, completing their first stage of social engineering. (Hadnagy, Ekman, & Kelly, 2014) Sometimes social engineering is not about obtaining information, rather than denying other access to that information and therefore halting any operations. (Mann, 2017)

What are the stages of Social Engineering?

In Unmasking the social engineer, Hadnagy et al. refer to the stages that are taken by any identity thief to create a successful social engineering experience for himself or herself. These crucial stages are:

  • Information Gathering: “Information is the lifeblood of the social engineer.” (Hadnagy, Ekman, & Kelly, 2014) Information is a crucial point for the success of social engineering. The more data the person has about his/her target, the more knowledgeable about their weak points. When speaking about data here, we incorporate all types of media, from videos to images to maps and voice notes. There are many tools that help thieves with gathering and retrieve information from the internet and the dark web. The difference between an expert and a beginner is what they do with this abundant amount of data. The data will be overwhelming; therefore, an expert identity thief will be using tools such as BasKet to organize and understand this data. (Hadnagy, 2011)
  • Pretexting: This stage is also very vital as this is the preparation phase after you have done your research. The identity thief in this stage portrays the target, studying and practicing the way they dress, walk, talk, send text messages, interact, like, dislike, comment and many more. (Hadnagy, Ekman, & Kelly, 2014) If a thief is successful in this stage, they will be able to fool the public.
  • Elicitation: Asking for information that you, as the target, should already know will raise an alarm bell in your surroundings. This is why a stage is one of the most important aspects of social engineering. (Hadnagy, Ekman, & Kelly, 2014) “Being able to effectively use elicitation means you can fashion questions that draw people out and stimulate them to take a path of a behavior you want.” (Hadnagy, 2011) Now, this is really powerful, without asking you make people tell you what you want to hear, give you the information you want.
  • Rapport: So now that the identity thief is ready with all his/her notes and has practiced the lines and the tone of his conversations, let’s go to work. When you start your conversation with the target audience, you must develop trust between one another, and fast. This trust-building exercise, in the beginning, will eventually cause them to let you in on some valuable information. (Hadnagy, Ekman, & Kelly, 2014) Using emotions like sympathy, reciprocity, and mindfulness goes a long way. Rapport can be broken down into 10 methods. (Dreeke, 2011)
  • Influence/Manipulation: Now that you have their attention and trust, convince them. In this stage, it’s all about influencing someone to do what you want. And even better, convincing them and making them believe that they want to do you what you want. Dr. Robert Cialdini, one of today’s greatest, explains this stage of influence/manipulation with the Cialdini principle. (Hadnagy, Ekman, & Kelly, 2014) The Cialdini principle talks about reciprocity, obligation, concession, scarcity, authority, consistency and commitment, liking, and social proof. (Cialdini, 2018)
  • Framing: This stage is all about the person. The person’s emotions, thinking and personal history. What to interact with and what not to is the difference between getting caught or being flagged as suspicious. (Hadnagy, Ekman, & Kelly, 2014) The way an identity thief uses framing will ultimately decide how long they will be able to continue tricking and deceiving people.

How to prevent Social Engineering

In order to prevent social engineering, you must clearly understand what it is, and how will impact you. Creating a Vulnerability map is one of the first things that you need to do in your path to prevention. (Mann, 2017) This will allow you to evaluate the loopholes that identity thieves could possibly use and also reinforce your strong points. Mapping your digital assets will allow you to see where you need to strengthen more. As your network becomes your weakest link when hacked, make them your strongest link now. Always be very aware when sharing valuable information, and always keep them behind closed doors as much as you can. As companies and organizations are aware of the vast problem of identity theft, privacy policies, regulations and code of conduct are being changed all the time to avoid as incidents as much as possible. Always be aware and updated to these policies.

Bibliography

  1. Abagnale, F. W. (2013). Stealing your life: the ultimate identity theft prevention plan. New York: Broadway Books.
  2. Cialdini, R. B. (2018). Pre-suasion: a revolutionary way to influence and persuade. New York: Simon & Schuster.
  3. Cover, R. (2016). Digital identities: creating and communicating the online self. Amsterdam: Academic Press.
  4. Dreeke, R. (2011). Its not all about ‘me’: the top ten techniques for building quick rapport with anyone. People Formula.
  5. Hadnagy, C. (2011). Social engineering: the art of human hacking. Indianapolis, IN: Wiley Publishing, Inc.
  6. Hadnagy, C., Ekman, P., & Kelly, P. F. (2014). Unmasking the social engineer: the human element of security. Indianapolis, IN: John Wiley & Sons, Inc.
  7. Hadnagy, C., & Fincher, M. (2015). Phishing dark waters: the offensive and defensive sides of malicious E-mails. Indianapolis, IN: Wiley.
  8. Laurent, M., Bouzefrane, S., & Pomerol, J.-C. (2015). Digital identity management. London, England: ISTE Press.
  9. Mann, I. (2017). Hacking the Human: Social Engineering Techniques and Security Countermeasures. Hampshire: Gower Publishing Limited.
  10. Rabin, N. (2013). You dont know me but you dont like me: Phish, Insane Clown Posse, and my misadventures with two of musics most maligned tribes. New York: Scribner.
  11. Sileo, J. D. (2010). Privacy Means Profit: Prevent Identity Theft and Secure You and Your Bottom. John Wiley & Sons.
  12. Sullivan, B. (2004). Your evil twin: behind the identity theft epidemic. Hoboken, NJ: John Wiley & Sons.
  13. Whiting, J. (2013). Identity theft. San Diego, CA: ReferencePoint Press.
  14. Windley, P. J. (2005). Digital identity: Beijing: OReilly.
  15. Hur, J. (2017, November 17). History of Identity Theft Protection. Retrieved December 15, 2019, from https://bebusinessed.com/history/history-of-identity-theft-protection/.