Common Identity Theft Crimes - Research Paper Example

Common Identity Theft Crimes Abstract Identity theft and online consumer protection have become exceptionally significant areas in technological studies demanding special consideration in order to protect the identity rights of e-consumers. This report is a discussion about identity theft. First of all, an introduction has been given which gives a better understanding of the topic. Common ID theft crimes and security issues are discussed. Some important laws have been discussed to have a clear view of what steps have been taken to ensure the e-consumers’ identity protection. Then, social, ethical and moral issues regarding identity theft have been discussed. The report is summarized in a concluding paragraph. APA referencing has been used properly. Keywords: identity, theft, criminal, bank, information, computer, forensic, internet, security Introduction With the growing use of internet in our everyday lives, the threat of our identity being stolen is also increasing. Before getting into the niceties of this concept, lets first get to know what identity theft actually is. Identity theft is the crime that involves stealing of a person’s private information “in order to impersonate that person in a legal sense”, according to Vacca (2005, p. 137). When a person’s identity is stolen, he is at great risk of facing a terrifying number of monetary and individual dealings done in his name by the thief. Technology, along with its pros, has introduced exceedingly technical and chic means of acquiring someone’s basic identifying information. Whatever means the thief uses, identity theft brings great damage to the victim’s name and reputation as the victim is solely left responsible for whatever financial or personal loss he faces. One often has to reveal bits of his personal information while doing online transactions, such as, his name, address, telephone number, bank information, credit card information, and etcetera. The thief, after stealing this information, can misuse it by, for instance, applying for loans in the victim’s name, changing his billing address, obtaining driving license, applying for jobs, applying for insurance or new banking accounts, getting authorization for electronic transfers by using the victim’s electronic signature, or any other fraud. Though, internet identity theft has made people uncertain about shopping and selling online, checking their bank statements online, visiting auction websites or entering into business contracts or transactions; however, computer forensics has played its part in helping law enforcement agencies in gathering digital evidence and identifying stolen identities as well as the criminals involved (Newman, 2009). Common Identity Theft Crimes Financial crimes mainly take account of the misuse of the victim’s credit card information, bank account information, social security number, or insurance information. Anderson (2008) asserts that “criminals can acquire this information easily by searching through discarded trash, social engineering over the telephone or through outright theft of the data”. The thief can initiate fraudulent financial activities by creating fake identities. Counterfeit bank statements and checks can be created using special softwares and tools. Photographs can be edited using easy applications. Karen (2010) states that financial cybercrimes have increased dramatically over the last years (see Figure 1). Figure 2 also shows the rate at which internet related identity theft is surging. A thief, who happens to steal a person’s social security number (SSN), has all chances to get to his detailed personal information, according to Social Security Administration (2009, p. 2). The thief can then have access to all identification information from the databases and other data repositories that use SSNs as primary keys. He can then use his credit card information to apply for loans, do shopping and the leave the victim to pay the bills. The situation may lead to bankruptcy which can blow the victim out of his senses. Identity theft has also raised the problem of cyber stalking. Anderson, who works with NTI (New Technologies, Inc.) writes that: NTI was involved in a case where an individual assumed the identity of a past employee that had been discharged by a business. That identity was used, over the Internet, to terrorize a female Human Resources Manager who had fired the individual. After several weeks of investigation we discovered that the communications were fabricated by a peer worker within the corporation. This, and many other such cases occurring due to insecure internet environment, have been identified and solved by forensic computing strategies. Identity Theft and Wireless Networks Wireless network security is one of the main concerns since wireless networks strengthened their roots in the tech world and issues of personal information theft arose. Every wireless network has its security risks. Hackers can easily get into the network and obtain personal information much enough to break into the victim’s bank account. However, wireless networks set up at homes are quite reliable as they are established in such a way that hackers cannot break into unless there is a particu+lar access code (Hernandez, 2008). When a person connects to the internet through a wireless network, the computer suggests several signal choices, some of which are secure and some are not. Secure ones need a password to get hooked. A hacker cannot break into secured networks as wireless network security for them is turned on. Point to consider is that one should never carry out personal transactions or banking or financial activities at place that offer free wireless networking like hotels and airports as one can never be sure of wireless network security at such places. Identity Theft in Military Keller states that identity theft has become one of the most important military issues of the new millennium (2007). Military has started relying heavily upon information technology for inter-communication, controlling vehicles and maneuver of security forces, inspection and processing of military signals. Thus, it becomes important to protect all sensitive and confidential information from enemy countries. More precisely, the objective of military information security is to protect its computers and information networks from intruders so as to eliminate the risk of crucial security information getting stolen, snooped into, disclosed or corrupted.  Safe Shopping Online The internet has devised new ways and methods of shopping online while sitting in the comfort of one’s home. But, along with this ease, many concerns have also arisen which consumers must consider if they want to enter into protected and secure transactions with the seller companies without any security risks involved. They must watch what information they are going to share with the companies online. Companies might ask them to give their personal data like name, address, phone number, e-mail address, spouse’s name, name of parents and children, social insurance number, bank account number or credit card number. Consumers should make sure that the seller companies have a privacy policy mentioned on their websites and that the security of their credit cards or any other mode of payment is also guaranteed. They should give special consideration to the concern that the vendors should have a protected transaction scheme which will keep their financial information private and secured. If the credit card number has been given, then the statement must be checked regularly so as to make sure that there are no unknown charges that are not in the consumer’s knowledge because there have been cases in the past regarding fraudulent activities associated with the credit cards. Scams One should always do some research before falling for such offers by studying online reviews by other people and searching for any scam reports that the company might be having. For example, there are a lot of work-at-home jobs being offered at the internet with offers like lotteries or gifts or bonuses, most of which are just a scam trying to get the consumer’s personal information leading to their online profiling. Thus, it is very important to do some research work before giving out one’s curriculum vitae or resume which definitely contains all private information. It is also important to install an up-to-date anti-virus software program so as to protect the computer from scams and viruses that might travel to the system through malicious code. The e-mails must also be scam protected. The key sentence is that one should never give out one’s identity without making sure that the second party is a legitimate one. Laws and Legislation There are a number of laws that have been passed to eliminate the risk of identity theft. Some of these include: Computer Fraud and Abuse Act (CFAA) CFAA was designed in 1984 and deals with penalties for the intruders who gain access to sensitive information stored in a computer without authorized access. Computers have to be protected when the consumers carry out commercial activities, engage in cross-border e-commerce, and make online business transactions and email communications with online traders. It is illegal for anyone to get access to the transactional information without the consent of the party involved. The term protected computer is used in the Act to refer to those computers which is being used by financial institutions for the purpose of carrying out national or international e-commerce. The Act applies penalties upon the identity thieves starting from 10 years to 20 years of imprisonment. Electronic Communications Privacy Act (ECPA) ECPA was designed in the 1980s and enacted by the Congress. It applies penalties upon the persons who gain access to and make illegal use of the sensitive information that has been exchanged between the consumers and the online vendors through electronic communication techniques such as electronic mails, text messages, video conferences, chatting, and etcetera. Title I of ECPA deals with the protection of electronic communication that is transferred through voice, wire, sounds or signals; whereas, Title II, which is also referred to as Stored Communications Act (SCA), deals with the protection of stored communication like text messages and chats. Title III deals with the prohibition of using trap and trace devices that could record the electronic communication going on between the two parties without obtaining a search warrant for doing so. It is also obligatory for the Police to take the consent of the party involved prior to using his taped conversation. ECPA is said to have restricted the concept of online consumer profiling. Consumer profiles are made by the websites by the use of cookies which tend to store the consumer’s information when they visit a specific website. This information can then be illegally used by the websites which make online profiles of the consumers and make illegal use of their transactional information. The only exception here involved is that the consumer’s information can only be used with his consent. Thus, this Act ensures that consumers do not face the risk of identity theft. Children’s Online Privacy Protection Act (COPPA) COPPA was designed in 1998 and became effective on April 2000. COPPA put forward rules and regulations that are to be applied on the commercial website owners and internet service providers who know which websites are being used by children and collect personal information from them with or without their parents’ consent. They are checked how they make use of this information. The operators are told to maintain a privacy policy on their websites and on every such page where personal information is being collected from young children. They are required to take the parental consent before collecting the information and are under the obligation of keeping that information confidential and safe. COPPA ensures that the parents are provided a description of the personal information collected from their children along with the confirmation that the information has not been disclosed or sold to any third party so that they may decide to let their children keep using the website or block it. Health Insurance Portability and Accountability Act (HIPAA) This law was passed in order to eliminate the menace of identity theft. This information could either be stored in and exchanged through hard copied files or computer systems. The need for secure online networks initially arose when issues like computer viruses and internet fraud posed a threat to the security and privacy of data stored on online servers and health records. The consumers began to worry about their personal information so they had to be made sure that their data will not be affected or disclosed without their consent. So, Health Insurance Portability and Accountability Act (HIPAA) was put forth by U.S. Congress on August 21, 1996. Title II of HIPAA deals with the privacy issue of the consumer’s data and presents Privacy Rule which ensures fines and punishments for fraud and violation of the rule. The rule gives consumers the right to file complaints if they find anybody obtaining, selling or disclosing their information. This way, they can have their data protected and their communications confidential. Ethical, Moral and Social Issues There are some socio-ethical issues regarding identity theft. It is important to educate the users of internet and computer systems about “intellectual property rights issues, privacy/ surveillance issues, access to data issues and issues of human-computer interaction” (Stahl, Carroll-Mayer and Norris, 2010, p. 298). They should be able to relate principled reasoning to ethical cases. They should know that the other person’s identity is something that is his own property and not theirs; that they have no right upon others’ personal information, and they cannot use or disclose it without the owner’s permission. A virtual world businessman should respect his employees’ and clients’ personal identification data and should take measures to lock and protect the databases and data warehouses from unauthorized access. Even at very personal level, an internet user must know that he is supposed to protect and defend the second person’s identification information and at the same time, he should be aware of security breaches proposed by the World Wide Web so the he is able to protect his own identity. Conclusion Putting everything together, it is very important for the consumers to remain alert while they are interacting with the online community. In spite of so many laws, legislations and Acts that have been passed to ensure the consumers’ protection online, still cases happen where they can become a victim to fraudulent activities and scams put forward by retail companies and vendors. Though, there are numerous true and honest websites performing in a sincere and straightforward fashion, but still, it is always a sensible idea to protect one’s identity and personal information before giving it out. It is vital to educate the e-consumers about their rights of protection so that they do not get trapped in the hands of criminals. Figure 1. Increase in Financial Crimes http://karenlodrick.com/wordpress/wp-content/uploads/2010/03/dollars.jpg Figure 2: Increase in Identity Theft http://karenlodrick.com/wordpress/wp-content/uploads/2010/03/cybercrime.jpg References Anderson, M. (2008). Identity theft in financial crime cases. Identity Theft: Computer Forensics to the Rescue. Retrieved April 20, 2010 from http://www.forensics-intl.com/art18.html Hernandez, A., (2008). Internet Identity Theft - Wireless Network Security Issues. Retrieved April 20, 2010 from http://ezinearticles.com/?Internet- Identity- Theft- - - Wireless- Network- Security- Issues&id=1503146 Karen, L. (2010). Identity theft and cybercrime statistics in picture graphs. Retrieved April 20, 2010 from http://blog.karenlodrick.com/2010/03/29/identity-theft-and-cybercrime-statistics-in-picture-graphs Keller, J. (2007). The importance of military information security. Military and Aerospace Electronics. Retrieved April 20, 2010 from http://mae.pennnet.com/articles/article_display.cfm?article_id=309174 Newman, R. (2009). Computer Security: Protecting Digital Resources. USA: Jones & Bartlett Publishers. Social Security Administration. (2009). Identity theft and your social security number. Social Security. Retrieved April 20, 2010 from http://www.ssa.gov/pubs/10064.pdf Stahl, B., Carroll-Mayer, M., & Norris, P. (2010). Legal, professional, and ethical content. Forensic Computing: The Problem of Developing a Multidisciplinary University Course. Retrieved April 20, 2010 from http://www.cse.dmu.ac.uk/~bstahl/publications/2006_forensic_computing_course_development.pdf Vacca, J. (2005). Identity theft. Computer Forensics: Computer Crime Scene Investigation. USA: Cengage Learning. Read More