Overview of The Identity Theft

There are myriad ways for the bad guys to get your information and use it for all sorts of nefarious purposes — mainly, stealing your money, althoughoccasionally for other kinds of fraud or to cover their tracks when committing additional crimes. That’s one of the big reasons identity the ftcan be so devastating. If a criminal steals your credit card information, your bank will likely refund you the money that was lost. If the same criminalimpersonates you to run an international child pornography ring, however ,then your problems just got a whole lot worse… especially since many lawen forcement folks aren’t up on the latest types of cybercrime, so “that wasn’t me” might not go over well.

How does it happen?

We’ll examine the many methods of identity the ftin the pages that follow, and we’ll also show you how you can protect yourself from being a victim or fight back if you already are. The methods of ID theft range from the seriously low tech (such as digging through your trash for unshredded financial documents or stealing those new credit cards that the bank sends you unexpectedly) to sophisticated database breachesand other hacks staged half the world away by large crime syndicates tofund cyberterrorism operations.

America’s first identity fraud

Philip Hendrik Nering Bögel had some financial problems, and he was a creative thinker. So in 1793, when things got too hot for the Dutchman (who was wanted for embezzlement at the time), he did what any forward-thinking identity thief would do today: He hot-footed it out of the Netherlands, setting forth on this continent a new city, conceived in parsimony, and dedicated to the proposition that Bögel deserved better. Callinghimself “Felipe Enrique Neri, Baron de Bastrop,” Bögel started being awfully helpful to early Texas leaders Moses and Stephen F. Austin in obtaining land grants. After being named Texas land commissioner, Bögel came to settle a Texas city that he named after himself. Today, visitors to Bastrop, Texas, population 5, 340, can celebrate howAmerica’s earliest successful ID fraud operation netted one guy a whole city.

My identity isn’t worth stealing! – False

Attackers are smart, and they seek the easiest path to their ultimate target. Often, that easiest path runs through your computer is you. You may say, “I just have photos of my grandkids on my hard drive.” But your machine is connected to the internet, making it a target. Hackers can hijack your computer and join it into a secret global network for spam, attacks on other computers, and more nefarious activities. While they’re at it, they might just steal your banking information as well. It is also not unknown for hackers tode stroy a computer, so that even those family photos that are priceless to you, while worthless to others, end up lost with the dead computer.

Many types of identity theft

Criminals impersonate you online for a range of different reasons and in a variety of ways. For cybers talkers, the impersonation is usually part of a larger cyberbullying effort. But in most cases, the motivations are financial. Whether it’s designed to get bank cards or bank loans in your name, obtain credit in your name, or impersonate you to use your existing credit, identity theft is usually a gateway cybercrime — an initial act, a top which lie other criminal schemes. So really, “identity theft” should be thought of as a family, or a category, of cybercrime.

Even though it’s common for victims to be reimbursed by banks or credit card companies, the damage done by ID theft can affect you for years. Your credit score and history are the main ways that banks, car dealers, and other lenders determine the risk of extending you credit, and the black marks can be hard to erase.

A Taxing Scheme

One of the fastest growing crimes in America is tax return fraud, which can net identity thieves thousands of dollars for each successful impersonation they make to the IRS. The criminals get hold of your Social Security number and personal information, and then create atax return in your name that shows a modest overpayment on your part. The return is filed online using software, and within days, the IRS sends out a refund to “you”— at the address given by the thief. The refund is typically made using prepaid Visa cards, which can be easily exchanged for cash or property.

Forms of identity theft

Fraudsters don’t just steal your driver’s license or credit card. They’ll take your whole identity and make use of any part they can.

Case study strangers with candy

In 2004, some InfoSec folks did a little experiment in which they offered passers by on the street a candy bar if they would tell them their work logins and passwords. To their surprise, some 70 percent were willing to part with the information — half of them did so even without the chocolatey bribe. You’d think that would have been a wake-up call. And indeed, governmental agencies and private-sector companies spend millions of dollars on training to make employees aware of proper security procedures and how important it is to follow them.

How’s that going? Well, when the experiment was repeated in London in 2008, there was no difference.Whether the reasons are cultural or technical, the fact is, people arejust really bad at keeping their passwords secret. They just don’t take it seriously. What’s even more galling to those who work with companies and individuals to improve security comprehension is that “your password” is still taken literally. By which I mean that mostpeople to this day use just one password for many or all of their accounts — and a weak one, at that.

How they do it

Criminals engage in obtaining identities to exploit in a range of ways, from low-tech to Secret Squirrel. Once the most common method of identity theft, paper or wallet theft is still popular, but now it’s a small-time operation. Still, someone lifting your wallet and using your IDand credit cards can do a fair bit of damage. Similarly, ID theft can occur when people rifle through your trash and find bank statements and other bills with account numbers, balances, and dates. These specifics allowthieves to call those vendors and report your cards as lost, change your address, and have replacements mailed to them.

Other schemes to separate you from your identity run the gamut from physical theft of personal documents from service providers to breaking into a computer network specifically for the purpose of stealing data. Another popular method is phishing.

But of course, the most common method of stealing identities is to do soen masse in a large-scale breach of a retailer, bank, insurance provider, or government agency. This gives criminals the biggest bang for their buck and the largest number of targets. See the chart on the facing page for more information about how this works.