44.493
Issues in Criminal Justice Technology & Security
Identity theft
What is it?
According to the FTC,
identity theft is "when
an identity thief obtains some piece of your sensitive information
(your bank and credit card account numbers; your income; your
Social Security number (SSN); or your name, address, and phone
numbers) and uses it without your knowledge to commit fraud or
theft."
What is the current extent
of the problem?
- US Public Interest Group
estimates 500,000-700,000 people are victimized yearly. It takes
the average victim 23 months to resolve their cases, spending
an average of 175 hrs. and $808 in out of pocket fees (not including
lawyers' fees).
- According to the Anti-Phishing
Working Group, incidents of phishing alone increased an average
of 28% a month from July 2004 through March 2005
- 78 brands were highjacked
by phishing in March.
- The average length of time
online for these sites was 5.8 days, with longest being up for
31 days.
- Organized crime is now becoming involved.
Evidence that the MyDoom virus last year was used by organized
crime rings to steal money from individuals' accounts.
Sites such as www.oemcd.biz, www.mega-oem.biz, http://huge-sales.info
and www.atlantictrustbank.com, that might appear legitimate
aren't: "The one thing all of these sites have in common
is that none of them exist. If you buy something from them, you'll
get nothing, and they will never charge your credit card. But
what they will do is steal your identity."
- Several cases in 2005 of data base theft from legitimate retailers, including
Ralph Lauren Polo and DSW Shoes, have included thefts of millions
of credit card numbers, social security numbers, and bank account
numbers.
Colleges
and universities whose student and alumni records have been stolen
in recent months include BC, Tufts, Carnegie Mellon, and Stanford.
- More than 300,000 had their records stolen
from a variety of companies, including Lexis-Nexis, that sell
data bases.
How is it done?
According to the FTC, the current techniques include:
- Getting information from businesses
or other institutions by:
- stealing records from their
employer,
- bribing an employee who has
access to these records, or
hacking into the organization's computers.
- They rummage through your trash,
or the trash of businesses or dumps in a practice known as "dumpster
diving."
- They obtain credit reports by
abusing their employer's authorized access to credit reports
or by posing as a landlord, employer, or someone else who may
have a legal right to the information.
- They steal credit and debit
card numbers as your card is processed by using a special information
storage device in a practice known as "skimming."
- They steal wallets and purses
containing identification and credit and bank cards.
- They steal mail, including bank
and credit card statements, pre-approved credit offers, new checks,
or tax information.
- They complete a "change
of address form" to divert your mail to another location.
- They steal personal information
from your home.
- They scam information from you
by posing as a legitimate business person or government official.
-
1 | 2 | 3 | 4
| 5 | 6