Information Technology Reference
In-Depth Information
Identify thieves and sexual predators have used the Internet to find new victims.
Dorothy Denning defines
identity theft
as “the misuse of another person's identity, such
as name, Social Security number, driver's license, credit card numbers, and bank account
numbers. The objective is to take actions permitted to the owner of the identity, such as
withdraw funds, transfer money, charge purchases, get access to information, or issue
documents and letters under the victim's identity” [71].
The leading form of identity theft in the United States is credit card fraud. Identity
thieves either take out a new credit card in someone else's name or commandeer an exist-
ing account [72]. By changing the billing address of existing accounts, a thief can run up
large debts before the victim becomes aware of the problem. These activities can blemish
the target's credit history. As a result, victims of identity theft may have applications for
credit cards, mortgage loans, and even employment denied. If the impostor shows false
credentials to the police, the victim may even be saddled with a false criminal record or
outstanding arrest warrants.
Financial institutions contribute to the problem of identity theft by making it easy
for people to open up new accounts. Since information brokers on the Web are selling
driver's license numbers, Social Security numbers, and credit card information, it's
easy for an identity thief to gather a great deal of information about another person.
Assuming another person's identity is made simpler by banks allowing people to open
accounts online [73].
The number of Americans victimized by identity theft decreased from about 11
million in 2009 to 8 million in 2010, but the average loss increased from $387 to $631
[74]. Fortunately, United States law says that a consumer's liability for losses due to
credit card fraud are limited to $50 if reported promptly. Most victims end up paying
nothing out of pocket because their banks and credit card companies offer zero-liability
fraud protection. However, victims of identity theft typically spend more than 30 hours
resolving the problem [74].
Most cases of identity theft are not the result of someone using computers to break
into a database containing information about a target. Instead, identity thieves are much
more likely to use low-tech methods to gain access to the personal information they
need. A 2008 survey of identity theft victims revealed that in 43 percent of the cases, the
theft was the result of a lost or stolen wallet, credit card, checkbook, or another physical
document [75]. Some identity thieves engage in
dumpster diving
—looking for personal
information in garbage cans or recycling bins. Old bills, bank statements, and credit card
statements contain a wealth of personal information, including names, addresses, and
account numbers. Another simple way to get information is through
shoulder surfing
—
looking over the shoulders of people filling out forms.
In 19 percent of the cases surveyed in 2008, someone at a business obtained a credit
card number when the owner was making a purchase [75]. Waiters or store clerks match
