1
CYBER CRIME
Chapter 5
Objectives
· Understand the difference between identity theft and identity fraud
· Explore the five types of identity theft/fraud
· Discuss the virtual and Internet methods in which computer criminals steal identities
· Develop a knowledge of the crimes committed due to identity theft
Details
I. Identity Theft: Illegal use or transfer of an individual’s personal identification
information.
Identity Fraud: Illegal activities based on the fraudulent use of identifying information of a real or fictitious person.
· Creation of fictitious identity by using a “breeder” document(fictitious or stolen identifiers)
· Used by criminals to create additional lines of credit and separate bank accounts
· Used by terrorists to conceal their own identity, hide from authorities or gain access to sensitive information
Types of Identity Theft/Fraud
· Assumption of Identity: individual assumes the identity of their victim, including all aspects of the victim’s lives
· Rarest form of identity theft/fraud
· Theft for Employment or Border Entry: Fraudulent use of stolen or fictitious personal information to obtain employment or gain entry into US
· Alien Registration Cards
· Nonimmigrant Visas
· Passports and Citizenship Documents
· Border Crossing Cards
· Virtual Identity Theft/Fraud: Use of personal, professional, or other dimensions of identity toward creating a fraudulent virtual personality
· On-line dating
· Role playing
· Accessing deviant sites or locations containing questionable content
· Extra Marital Affairs
· Use for harassment or stalking
· Criminals may use to deceive others to reveal personal information or solicit a criminal act
· Credit Identity Theft/Fraud: Use of stolen personal and financial information to facilitate the creation of fraudulent accounts. It requires the affirmative act of securing additional credit.
· Criminals use to create additional sources of revenue through the establishment of multiple accounts
· FTC (2011) reported 60% of all identity theft victims stated their personal information was used to open new accounts, transfer funds, or commit tax/wage related fraud
II. Scope and Victimology
· Developing crime statistics for Identity Theft/Fraud has been difficult
· Lack of reporting by the public
· Lack of reporting by police to federal agencies
· Jurisdictional discrepancies in crime measurement
· Selective enforcement based on community standards and department resources
· First comprehensive study conducted by Government Accounting Office (2002)
· Identity Theft was dramatically increasing
· Calls to the Identity Theft Clearinghouse increased over 500% in two years
· Losses incurred by MasterCard and Visa increased by 43%
· No significant loss of consumer confidence as online shopping increased
· Number-one consumer complaint to the Federal Trade Commission (FTC)
· FTC Study (2004): 15 million Americans victimized in 2003.
· Total annual cost to individu.
On National Teacher Day, meet the 2024-25 Kenan Fellows
1CYBER CRIMEChapter 5Objectives· Understand the differen.docx
1. 1
CYBER CRIME
Chapter 5
Objectives
· Understand the difference between identity theft and identity
fraud
· Explore the five types of identity theft/fraud
· Discuss the virtual and Internet methods in which computer
criminals steal identities
· Develop a knowledge of the crimes committed due to identity
theft
Details
I. Identity Theft: Illegal use or transfer of an individual’s
personal identification
information.
Identity Fraud: Illegal activities based on the fraudulent use of
identifying information of a real or fictitious person.
· Creation of fictitious identity by using a “breeder”
document(fictitious or stolen identifiers)
· Used by criminals to create additional lines of credit and
separate bank accounts
· Used by terrorists to conceal their own identity, hide from
authorities or gain access to sensitive information
Types of Identity Theft/Fraud
· Assumption of Identity: individual assumes the identity of
their victim, including all aspects of the victim’s lives
· Rarest form of identity theft/fraud
2. · Theft for Employment or Border Entry: Fraudulent use of
stolen or fictitious personal information to obtain employment
or gain entry into US
· Alien Registration Cards
· Nonimmigrant Visas
· Passports and Citizenship Documents
· Border Crossing Cards
· Virtual Identity Theft/Fraud: Use of personal, professional, or
other dimensions of identity toward creating a fraudulent virtual
personality
· On-line dating
· Role playing
· Accessing deviant sites or locations containing questionable
content
· Extra Marital Affairs
· Use for harassment or stalking
· Criminals may use to deceive others to reveal personal
information or solicit a criminal act
· Credit Identity Theft/Fraud: Use of stolen personal and
financial information to facilitate the creation of fraudulent
accounts. It requires the affirmative act of securing additional
credit.
· Criminals use to create additional sources of revenue through
the establishment of multiple accounts
· FTC (2011) reported 60% of all identity theft victims stated
3. their personal information was used to open new accounts,
transfer funds, or commit tax/wage related fraud
II. Scope and Victimology
· Developing crime statistics for Identity Theft/Fraud has been
difficult
· Lack of reporting by the public
· Lack of reporting by police to federal agencies
· Jurisdictional discrepancies in crime measurement
· Selective enforcement based on community standards and
department resources
· First comprehensive study conducted by Government
Accounting Office (2002)
· Identity Theft was dramatically increasing
· Calls to the Identity Theft Clearinghouse increased over 500%
in two years
· Losses incurred by MasterCard and Visa increased by 43%
· No significant loss of consumer confidence as online shopping
increased
· Number-one consumer complaint to the Federal Trade
Commission (FTC)
· FTC Study (2004): 15 million Americans victimized in 2003.
· Total annual cost to individuals was $5 billion; businesses was
$47 billion
· Total cost to Law Enforcement was $15,000-20,000 per case
4. · Four overall trends emerged by 2011
· Identity fraud incidents continued to increase but financial
costs to consumers decreased due to improved prevention and
detection tools which shortened the time between violation and
discovery
· Social networking activity increased the likelihood of
victimization because a lot of personal information is
exchanged publicly
· Smartphone owners are more likely to be victimized as 62%
fail to safeguard their devices with passwords
· Data breaches were increasing and more damaging
· Most common items exposed were credit card, debit card and
Social Security numbers
· Victim Profile: white males, early 40’s who lived in
metropolitan areas
· Victim Impact: Long term repercussions
· Harassment form debt collectors
· Banking problems
· Loan rejection
· Utility cutoffs
· Arrest for perpetrator’s other crimes
III. Physical Methods of Identity Theft
· Mail Theft: Theft of breeder documents (driver’s licenses,
passports, financial statements, birth certificates, death records)
5. from physical mailboxes; done randomly or popcorning when
mailbox red flag signals outgoing mail
· Dumpster Diving: Retrieving confidential documents from
trash cans or dumpsters; software, passwords, company
directories, personnel records
· Historically, murder weapons, corpses, bookmaking
spreadsheets and narcotics have been retrieved from trash cans
· Theft of Computers: Physical theft of laptop and desktop
computers is among the most common techniques employed by
identity thieves
· Private homes or buildings; public transit, especially airports,
hotels, recreation centers and government offices
· November 2011; desktop computer stolen from the offices of
Sutter Medical Foundation contained medical records of 3.3
million patients
· Science Applications International Corp. and Tricare Corp.;
Backup tapes stolen from employee’s car; impacted 5.1 million
military personnel and their families
· See case studies on page 129
· Bag Operations: Surreptitious entry into a hotel room to steal,
photograph or photocopy documents; steal or copy magnetic
media; or download information from laptop computers
· Scheme is designed to obtain information while leaving the
physical items in place
· Conducted by host countries (intelligence services) against
visiting diplomats or officials from a foreign government
· Insiders: Many authorities suggest corporate and government
insiders pose the greatest risk to identity theft
6. · Careless employees
· Sloppy handling procedures
· Failure to properly destroy data on discarded equipment
IV. Virtual or Internet-Facilitated Methods
· Phishing: most common recognized method of online identity
theft/fraud;
Soliciting information by e-mail or culling of individual to fake
web sites
· Spoofing: sending e-mails or Web sites by using company
trademarks and logos; online shopping sites-financial
institutions; eBay or PayPal, U.S. Bank, Citibank
· Pharming: advanced form of phishing; redirects the connection
between an IP address and its intended site
· Redirectors: malicious programs which redirect users network
traffic to undesired sites
· Advance-fee Fraud or 419 fraud: Fraudster sends e-mail to
victim asking for assistance claiming “found money”; solicits
personal or financial information as part of the con
· Spyware
· Browser-based software designed to capture and transmit
personal information to third parties without the knowledge and
consent of the owner
· Surreptitiously installed on a user’s machine to intercept or
take control over the interaction between users and their
computers
· Victims precipitate their own problems by opening file
7. attachments, downloading free software, screensavers, songs,
adult Web sites which contain the spyware
V. Crimes Facilitated by Identity Theft/Fraud
Four Phase Process
· Stolen identifiers are procured
· Breeder document is created
· Breeder document used to create additional fraudulent
documents and solidify a false identity
· Fraudulent identity is employed in the commission of a
criminal act
· Student loan fraud, immigration fraud, social security fraud,
insurance fraud, credit card fraud, tax fraud, various Internet
scams