Electronic Identity Theft - Essay Example

Computing Environment Part Problems and Risks in Electronic Identity Theft Article This article is about business risks associated with data breach. It calls for a regional unification in fighting against data breach. The article gives reasons why data should be protected at all costs. Three reasons are given and they are: identity theft is a low-risk activity with huge returns for organized crimes, legal and regulatory bodies associated with protecting data in UK should be legally protected and penalties introduced to defaulters, and the last reason use of mobile storage devices to prevent data breaches. The article then gives guidelines to organizations on how to prevent data breaches (Tanner 2009). This article talks about issues related to personal information security. In a nutshell, data breach is unauthorized disclosure of personal data by an organization through hacking, penetration testing, deliberate theft or disclosure. Data breach is a risk in personal information security. Reference Tanner, J. (2009) “Business risks associated with data breaches:, Security, 9 June. Article 2 The article talks about security risks associated with social media and the people who own these risks. It further explains the drastic changes in social media from PCs to smartphones, tablets and PDAs. The risks are owned by the firms although these risks may be delegated to the security teams (Ashfold 2010). Social media is a common communication trend today and its usage can not be detached from security risks. Information given by the client is a potential risk to personal information security. Reference Ashfold, W. (2010) “Security think tank: What are the security risks associated with social media use, and who owns these risks?” Risk Management, 4 October. Article 3 The article speaks about the importance of information security. It outlines four values on the importance of information security as indicated by UK’s information Commissioner in 2008 (Stonecypher 2010). Keeping your information safe is the key thing to avoid losing your possessions and information to potential criminals. The article highlights on the importance of personal information security. Reference Stonecypher, L. (2010) Why is information security important? Network Security, 3 April. Article 4 The article talks about social networking and identity theft. It gives out information on how criminals carry out identity theft. Posting too much information on social networks and giving every detail about your activities helps a criminal to carry out an identity theft (Experian 2010). Identity theft is a risk to personal information security. Knowing how to protect this information is vital and will keep criminals away. Reference Experian (2010) Social networking could leave your home at risk, 22 February. Article 5 This article talks about the potential risks of losing information via a Webkit-based browser specifically Apple’s Safari browser. It states that malicious website can autofill information from Safari without even the user entering any personal information on the site or even if the site was never visited at all (Rosenblatt 2010). This is a possible risk to somebody’s personal information. Malicious websites take personal information without their knowledge and this becomes a loophole for criminals to steal from the person. Reference Rosenblatt S. (2010) Safari 5: A first look: Business Productivity. ZDNet UK retrieved 24th October, 2010 http://www.zdnet.co.uk/reviews/business-productivity/2010/06/10/safari-5-a-first-look-40089192/ Article 6 This article talks about online security threats for online merchants. Measures need to be taken to avoid losses due to fraudulent activities. Giving no room to cyberspace criminals will ensure your business runs smoothly without fear from these criminals (Sanders 2010). Fraudulent activities in the cyberspace are bringing losses to online merchants. Information given by the customers if not taken care of can lead to personal information security risks. Reference Sanders, C. (2010) The current state of online security for online merchants, Information Technology, 22 March. Abstract Personal information security in UK is at risk. Identity theft and data breach are the main risks. These risks bring huge losses to both individuals and businesses. It is common for those who shop online and those who use social networks. Measures need to be taken to protect and prevent data breach and identity theft. Creating awareness among internet users about these risks will help prevent them. Computing Environment Part 2 Introduction Electronic identity theft is a vice committed by cyberspace criminals. These people hack personal information through the internet and use it to steal from unsuspecting people usually for financial gain. It manifests itself in three ways; gaining unauthorized access to a computer or a computer system, causing damage or impairment of computer data without authorized access or tamper with the functioning of the computer or computer system and unauthorized interception of computer data (Clough 2010, p27). Getting access to this information however small, it is enough for a cyberspace criminal to commit a crime. Electronic Identity Theft Identity theft is accessing information acquired illegally from public records, stealing personal belongings, misuse of databases, credit cards and tampering with such information. Unauthorized access to personal data can be done by dumpster diving, payment card theft, business record theft, shoulder surfing and pretexting. These are the traditional ways of identity theft (OECD 2008, p2). Modern ways of identity theft involve the use of devices such as personal computers and other electronic devices like mobile phones to illegally access victim’s personal information. There are four ways to access victim’s personal information. (a) Software is designed to gather personal information and it is installed secretly on someone’s computer or mobile. It causes harm to the computer system or other systems to destabilize its intended usage by the owner. This is referred to as malware. There are several types of malware and they include; Trojan horses, viruses, worms, keystroke loggers, rootkits, spyware, screen scrapers and backdoors. (b) Misleading e-mails and websites are used to ploy persons into giving personal information, for example, phishing is an e-mail mass-distributed through spam and they are used to install malware on the user’s computer. The process of phishing involves luring the user to give the information through e-mails and mirror websites that resemble those from legitimate businesses. (c) Devices such computers and mobile phones are hacked into or exploited to obtain personal information. (d) Spam is unwanted and harmful electronic message and it is a vector for malware and criminal phishing scams (OECD 2008, p3). The Extent of Electronic Identity Theft Identity fraud a form of identity theft is increasing at a rapid rate in United Kingdom. It affects both individuals and businesses and it is a growing concern among British people. Close to 81 percent of British people are worried about becoming victims of identity theft. In 2009, fifty nine thousand identity theft crimes were recorded. This is a thirty six percent increase from the year 2008. Regions in UK well known with identity fraud and with highest statistics are Birmingham and South-East London (Bunz 2009). Despite the increase in identity fraud, most people and businesses are reluctant in protecting themselves against these crimes. According to the statistics 22 percent of them access bank details at home or in internet cafes. 54 percent check their bank and financial statements regularly. 44 percent of Britons do not bother to destroy documents containing sensitive information before discarding them. 79 percent of businesses make no effort to destroy sensitive information that is thrown away or recycled (Bunz 2009). In the year 2009, online banking fraud losses recorded a 55 percent rise compared to the same period in 2008. The losses totaled 39 million sterling pounds. The increase is attributed to use of more sophisticated methods by the criminals. These criminals use malware scams that target the weak points in a victim’s personal computer rather than the bank’s system. The bank systems have become hard to attack. During the period, 26 000 cases of phishing were reported representing a 26 percent increase of phishing incidents in the same period in 2008 (Anon. 2009, p2). Social networks are not very safe especially on matters concerning personal information. A research done by Experian in 2009, indicates that account take over fraud recorded a 206 percent increase (Experian 2010). Risks Associated With Electronic Identity Theft It is a major task for IT managers to determine identity theft risks and implement policies and technical measures to combat them (Vacca 2003, p131). There are many risks associated with electronic identity theft. These risks include loss of information to unauthorized people. These people are known as cyberspace criminals. They use personal information to for their financial gains. Costs of data breaches are estimated to be 55 sterling pounds per tampered record (Tanner 2009). According to Vacca (2003), a survey conducted suggested that there was a major security flaw that existed in corporate internet. The rising cases of identity theft in UK are posing risks to both individuals and businesses. Most Britons are worried about their personal information security. It is evident losses due to identity fraud are high and are increasing. In the year 2009, the losses due to online banking fraud amounted to 39 million sterling pounds. Preventing Electronic Identity Theft Preventing electronic identity theft is not an easy task because the methods used to access personal information are ever changing. The methods are becoming sophisticated and the targets are changing (Anon. 2009, p2). According to Boyer (2008, p158), there are several things to do to protect one’s online identity. Be updated on the methods used to scam and learn how to stop them. Where passwords and pins are used; choose a password that is not associated with your name and can be easily remembered without writing down. If you have different accounts choose passwords that are different. Do not choose a short password; let it be more than 8 characters and mixed up with numbers and words that are of different cases. Do not save your password and remember to clear cache when you log out. Change your password after every six months (Boyer 2008, p167). Protection against hacking and spyware requires an individual to do the following. Install an antivirus and an anti-spyware in your computer. Updates when available download them from the antivirus company. Refrain from downloading anything from the internet unless you are sure what it is. Desist from peer to peer file online file sharing websites and avoid downloading anything from people you meet online. Buying a program that encrypts your data will be an advantage. A charity may seem legitimate but stay away from them, if need be contact your state charity-regulating offices to determine legitimate charities. When discarding your computer, get an expert who will make sure that all the data is deleted. Strange e-mails and websites can be harmful, do not visit them or try to open them (Boyer 2008, p182). Use of complicated fraud screening detection tools by retailers and banks have reduced losses from phone, mail order shopping and internet scam. The losses stand at 134 million sterling pounds. Chip and use of PIN has reduced the number of fraud cases in UK. The losses are down by 26 percent (Anon. 2009, p2). Another solution is education; creating awareness to consumers and users through initiatives inform of websites of the risks involved in identity theft. In UK banks and retailers are informing their consumers on how to protect their chip and PIN terminals from fraud criminals (Anon. 2009, p2). All personal and organization’s data when encrypted is secure. Whole disk encryption is the preferable and secure method than folder or file encryption (Tanner 2009). What Should Be Done to prevent Identity Theft The government should enhance cross-border enforcement co-operation. It should advocate for companies to disclose security breaches affecting personal information of the consumer. This is because most of these do not know if their personal information is at risk and it makes them vulnerable to identity theft (Acoca 2008). The consumer should be updated on the current consumer news. This will help the consumer to know of the latest anti-fraud programs and devices. Consumer news gives information on how to prevent and protect oneself from identity theft. The government should enforce harsh penalties on identity criminals. Strict penalties will shun away those who want to commit such crimes. Regional co-operation in fight against identity theft should be reinforced. Most of the web sites accessed are from different regions. Unity in preventing such vices is vital for the safety of consumer’s personal information. Both consumers and businesses should keep themselves updated on the various forms of emerging malware, spywares and other methods used by cyberspace criminals. This information is essential in preventing fraud from these criminals. Those who use social networks should limit the information they give. This is because too much information can give a criminal an opportunity to harm you. References Acoca, B. (2008) “Online identity theft”, Science and Technology, June. Anon (2009) Financial Fraud Action UK announces latest fraud figures, 7 October. Ashfold, W. (2010) Security think tank: What are the security risks associated with social media use, and who owns these risks? Risk Management, 4 October. Boyer, A. (2008) The online identity theft prevention kit: Stop scammers, hackers, identity thieves from ruining your life. Atlantic Publishing Company. Bunz, M. (2009) Identity fraud is the UK’s fastest growing crime in 2009, 12 October. Clough, J. (2010) Principles of cybercrime. Cambridge University Press. Experian (2010) Social networking could leave your home at risk, 22 February. OECD (2008) OECD policy guidance on online identity theft. OECD. Rosenblatt S. (2010) Safari 5: A first look: Business Productivity. ZDNet UK retrieved 24th October, 2010 http://www.zdnet.co.uk/reviews/business-productivity/2010/06/10/safari-5-a-first-look-40089192/ Sanders, C. (2010) The current state of online security for online merchants, Information Technology, 22 March. Stonecypher, L. (2010) Why is information security important? Network Security, 3 April. Tanner, J. (2009) Business risks associated with data breaches, Security, 9 June. Vacca, J. (2003) Identity theft. Prentice Hall PTR. Read More