Abstract
In technical studies, identity fraud and online consumer security have become particularly important fields, requiring careful attention to secure the identity rights of e-consumers. This research is a dialogue about identity fraud. First of all, an introduction that gives a better understanding of the subject has been given. Popular ID fraud offences and safety issues are addressed. In order to provide a clear view of what measures have been taken to ensure the identity security of e-consumers, several significant laws have been addressed. Then, social, ethical and moral problems were discussed around identity theft. In the concluding paragraph, the article is summarised. APA referring was used appropriately.
Keywords: identity, theft, criminal, bank, information, computer, forensic, internet, security
Introduction
With the rising use of the internet in our daily lives, the possibility of our identity being stolen is also growing. Let’s first get to know what identity fraud really is before going into the niceties of this definition.
Theft of identity is the act, according to Vacca, of stealing private information from an individual “in order to impersonate that person in a legal sense” (2005, p. 137). If a person’s identity is stolen, he is at great risk of facing the terrifying amount of monetary and individual deals in his name from the thief. Technology, along with its pros, has introduced highly technical and fashionable means of capturing everyone’s simple identifying information. Whatever the thief uses, the victim’s name and credibility are destroyed by identity theft because the victim is solely responsible for whatever financial or personal harm he faces. You will have to reveal bits of your personal details when making online transactions, such as your name, address, telephone number, bank information, credit card information, and so on. The thief may misuse this information after stealing it by, for example, applying for loans on the victim’s behalf, changing his billing address, obtaining a driving licence, applying for a job, applying for insurance or new bank accounts, obtaining permission to use the victim’s electronic signature for electronic transfers, or any other fraud.
While internet identity theft has made individuals uncertain about buying and selling online, checking their bank statements online, visiting auction websites or entering into business contracts or transactions, computer forensics has played a role in helping law enforcement agencies collect digital evidence and identify stolen identities as well as the criminals involved (Newman, 2009).
Common Identity Theft Crimes
Financial crimes mainly take account of the misuse of the victim’s credit card information, bank account information, social security number, or insurance information. Anderson (2008) asserts that “criminals can acquire this information easily by searching through discarded trash, social engineering over the telephone or through outright theft of the data”. The thief can initiate fraudulent financial activities by creating fake identities. Counterfeit bank statements and checks can be created using special softwares and tools. Photographs can be edited using easy applications. Karen (2010) states that financial cybercrimes have increased dramatically over the last years (see Figure 1). Figure 2 also shows the rate at which internet related identity theft is surging.
A thief, who happens to steal a person’s social security number (SSN), has all chances to get to his detailed personal information, according to Social Security Administration (2009, p. 2). The thief can then have access to all identification information from the databases and other data repositories that use SSNs as primary keys. He can then use his credit card information to apply for loans, do shopping and the leave the victim to pay the bills. The situation may lead to bankruptcy which can blow the victim out of his senses.
Identity theft has raised the topic of cyber stalking as well. Anderson, who works with Emerging Technology, Inc. (NTI), writes:
In a case where a person assumed the identity of a past employee who had been discharged by a corporation, NTI was involved. Over the Internet, the identity was used to terrorise a female Human Resources Manager who fired the user. After several weeks of investigation, we found that a peer worker inside the company fabricated the messages.
Forensic computing techniques have documented and addressed this and several other such cases that arise due to unsafe internet environments.
Identity Theft and Wireless Networks
Wireless network security is one of the main concerns since wireless networks strengthened their roots in the tech world and issues of personal information theft arose.
Every wireless network has its security risks. Hackers can easily get into the network and obtain personal information much enough to break into the victim’s bank account. However, wireless networks set up at homes are quite reliable as they are established in such a way that hackers cannot break into unless there is a particu+lar access code (Hernandez, 2008). When a person connects to the internet through a wireless network, the computer suggests several signal choices, some of which are secure and some are not. Secure ones need a password to get hooked. A hacker cannot break into secured networks as wireless network security for them is turned on. Point to consider is that one should never carry out personal transactions or banking or financial activities at place that offer free wireless networking like hotels and airports as one can never be sure of wireless network security at such places.
Identity Theft in Military
Keller states that identity theft has become one of the most important military issues of the new millennium (2007). Military has started relying heavily upon information technology for inter-communication, controlling vehicles and maneuver of security forces, inspection and processing of military signals. Thus, it becomes important to protect all sensitive and confidential information from enemy countries. More precisely, the objective of military information security is to protect its computers and information networks from intruders so as to eliminate the risk of crucial security information getting stolen, snooped into, disclosed or corrupted.
Safe Shopping Online
Although sitting in the comfort of one’s house, the Internet has devised new forms and methods of shopping online. However, along with this facility, there have also been several issues that customers need to consider if they want to enter into safe and secure transactions with the selling companies without any security risks involved. They need to look at what data they are going to share with online businesses. Companies may require them to provide personal details such as name, address, telephone number, e-mail address, name of spouse, name of parents and children, number of social security, number of bank account or credit card number. Consumers should ensure that the selling firms have a privacy policy listed on their websites and that the protection of their credit cards or any other payment methods is also guaranteed. Special consideration should be given to the concern that suppliers should have a safe transaction scheme that will keep their financial data confidential and secure. If the credit card number has been issued, then the statement must be periodically reviewed to ensure that there are no unknown charges that are not reported to the customer because there have been instances of credit card-related fraudulent activities in the past.
Scams
One should always do some research before falling for such offers by studying online reviews by other people and searching for any scam reports that the company might be having. For example, there are a lot of work-at-home jobs being offered at the internet with offers like lotteries or gifts or bonuses, most of which are just a scam trying to get the consumer’s personal information leading to their online profiling. Thus, it is very important to do some research work before giving out one’s curriculum vitae or resume which definitely contains all private information. It is also important to install an up-to-date anti-virus software program so as to protect the computer from scams and viruses that might travel to the system through malicious code. The e-mails must also be scam protected. The key sentence is that one should never give out one’s identity without making sure that the second party is a legitimate one.
Laws and Legislation
There are a number of laws that have been passed to eliminate the risk of identity theft. Some of these include:
-
Computer Fraud and Abuse Act (CFAA)
The CFAA was founded in 1984 and deals with penalties for intruders who gain access to confidential data stored on a computer without allowed access. When customers carry out commercial activities, participate in cross-border e-commerce and perform online business transactions and email interactions with online traders, computers need to be secured. It is illegal for someone without the permission of the person involved to get access to the transactional data. In the Act, the word secure computer is used to refer to those computers used by financial institutions to conduct domestic or international e-commerce. The Act applies sentences starting from 10 years to 20 years in jail for identity thieves.
-
Electronic Communications Privacy Act (ECPA)
ECPA was designed in the 1980s and enacted by the Congress. It applies penalties upon the persons who gain access to and make illegal use of the sensitive information that has been exchanged between the consumers and the online vendors through electronic communication techniques such as electronic mails, text messages, video conferences, chatting, and etcetera. Title I of ECPA deals with the protection of electronic communication that is transferred through voice, wire, sounds or signals; whereas, Title II, which is also referred to as Stored Communications Act (SCA), deals with the protection of stored communication like text messages and chats. Title III deals with the prohibition of using trap and trace devices that could record the electronic communication going on between the two parties without obtaining a search warrant for doing so. It is also obligatory for the Police to take the consent of the party involved prior to using his taped conversation. ECPA is said to have restricted the concept of online consumer profiling. Consumer profiles are made by the websites by the use of cookies which tend to store the consumer’s information when they visit a specific website. This information can then be illegally used by the websites which make online profiles of the consumers and make illegal use of their transactional information. The only exception here involved is that the consumer’s information can only be used with his consent. Thus, this Act ensures that consumers do not face the risk of identity theft.
-
Children’s Online Privacy Protection Act (COPPA)
COPPA was designed in 1998 and became effective on April 2000. COPPA put forward rules and regulations that are to be applied on the commercial website owners and internet service providers who know which websites are being used by children and collect personal information from them with or without their parents’ consent. They are checked how they make use of this information. The operators are told to maintain a privacy policy on their websites and on every such page where personal information is being collected from young children. They are required to take the parental consent before collecting the information and are under the obligation of keeping that information confidential and safe. COPPA ensures that the parents are provided a description of the personal information collected from their children along with the confirmation that the information has not been disclosed or sold to any third party so that they may decide to let their children keep using the website or block it.
-
Health Insurance Portability and Accountability Act (HIPAA)
This law was passed in order to eliminate the menace of identity theft. This information could either be stored in and exchanged through hard copied files or computer systems. The need for secure online networks initially arose when issues like computer viruses and internet fraud posed a threat to the security and privacy of data stored on online servers and health records. The consumers began to worry about their personal information so they had to be made sure that their data will not be affected or disclosed without their consent. So, Health Insurance Portability and Accountability Act (HIPAA) was put forth by U.S. Congress on August 21, 1996. Title II of HIPAA deals with the privacy issue of the consumer’s data and presents Privacy Rule which ensures fines and punishments for fraud and violation of the rule. The rule gives consumers the right to file complaints if they find anybody obtaining, selling or disclosing their information. This way, they can have their data protected and their communications confidential.
Ethical, Moral and Social Issues
Regarding identity fraud, there are several socio-ethical problems. Educating internet and computer system users on “intellectual property rights issues, privacy/ surveillance issues, access to data issues and issues of human-computer interaction” is relevant (Stahl, Carroll-Mayer and Norris, 2010, p. 298). Ethical cases should be able to apply principled reasoning to them. They should realise that the identity of the other person is something that is his own property and not his own; that they have no access to the personal data of others, and without the permission of the owner, they will not use or reveal it. A virtual world businessman should value the personal identity data of his employees and customers and take steps to lock and secure the databases and data warehouses from unauthorised access. Even at a very personal level, an internet user must realise that he is expected to protect and defend the identifying details of the second person and at the same time, should be aware of the security breaches proposed by the World Wide Web so that he can protect his own identity.
Conclusion
Putting everything together, it is very important for the consumers to remain alert while they are interacting with the online community. In spite of so many laws, legislations and Acts that have been passed to ensure the consumers’ protection online, still cases happen where they can become a victim to fraudulent activities and scams put forward by retail companies and vendors. Though, there are numerous true and honest websites performing in a sincere and straightforward fashion, but still, it is always a sensible idea to protect one’s identity and personal information before giving it out. It is vital to educate the e-consumers about their rights of protection so that they do not get trapped in the hands of criminals.
Figure 1. Increase in Financial Crimes
https://karenlodrick.com/wordpress/wp-content/uploads/2010/03/dollars.jpg
Figure 2: Increase in Identity Theft
https://karenlodrick.com/wordpress/wp-content/uploads/2010/03/cybercrime.jpg
References:
- Anderson, M. (2008). Identity theft in financial crime cases. Identity Theft: Computer Forensics to the Rescue. Retrieved April 20, 2010 from https://www.forensics-intl.com/art18.html
- Hernandez, A., (2008). Internet Identity Theft – Wireless Network Security Issues. Retrieved April 20, 2010 from https://ezinearticles.com/?Internet- Identity- Theft- – – Wireless- Network- Security- Issues&id=1503146
- Karen, L. (2010). Identity theft and cybercrime statistics in picture graphs. Retrieved April 20, 2010 from https://blog.karenlodrick.com/2010/03/29/identity-theft-and-cybercrime-statistics-in-picture-graphs
- Keller, J. (2007). The importance of military information security. Military and Aerospace Electronics. Retrieved April 20, 2010 from https://mae.pennnet.com/articles/article_display.cfm?article_id=309174
- Newman, R. (2009). Computer Security: Protecting Digital Resources. USA: Jones & Bartlett Publishers.
- Social Security Administration. (2009). Identity theft and your social security number. Social Security. Retrieved April 20, 2010 from https://www.ssa.gov/pubs/10064.pdf
- Stahl, B., Carroll-Mayer, M., & Norris, P. (2010). Legal, professional, and ethical content. Forensic Computing: The Problem of Developing a Multidisciplinary University Course. Retrieved April 20, 2010 from https://www.cse.dmu.ac.uk/~bstahl/publications/2006_forensic_computing_course_development.pdf
- Vacca, J. (2005). Identity theft. Computer Forensics: Computer Crime Scene Investigation. USA: Cengage Learning.