This document discusses identity theft, including what it is, common types, statistics, how it works, techniques used by thieves, warning signs, and ways to protect yourself. Identity theft involves someone pretending to be someone else by stealing personal information like Social Security numbers to access credit and benefits. It can be done through dumping trash for data, hacking, phishing scams, or insider access abuse. People should monitor accounts, use passwords safely, and place fraud alerts on credit reports to protect themselves from identity theft.
2. Agenda
Identity Theft & Film
What is identity theft?
Types of the Identity Theft
Statistics & Identity Theft
How does identity theft work?
Techniques
Warning signs
How to steal an identity?
Countermeasures
Protect yourself
Regional legal responses
4. What is Identity Theft?
Identity theft is a form of stealing
someone's identity in which
someone pretends to be someone
else by assuming that person's
identity, typically in order to access
resources or obtain credit and other
benefits in that person's name
5. What is Identity Theft?
• The term identity theft was coined in 1964
• Determining the link between data breaches and
identity theft is challenging
• Probability of becoming a victim to identity theft as a
result of a data breach is ... around only 2%
6. What is Identity Theft?
Identity theft occurs when someone uses
your name, your Social Security number,
or some other personal, financial, or
medical information without your
permission to commit fraud or other
crimes.
7. Types of the Identity Theft
Criminal identity theft
(posing as another person when apprehended for a crime)
Financial identity theft
(using another's identity to obtain credit, goods and services)
Identity cloning
(using another's information to assume his or her identity in daily life)
Medical identity theft
(using another's identity to obtain medical care or drugs)
Child identity theft.
(children are valued because they do not have any information associated with them)
8. Statistics & Identity Theft
Consider the following:
One million people in Canada will suffer from some form
of identity theft totalling over $6 billion
50% of the cases reported will be as a result of
unauthorized credit card charges.
20% of the victims will know their thieves
The average time between the date of the theft and when
it is noticed by the victim will be 14 months.
10. How Does Identity Theft Work?
• Identity theft works in a range of ways
• from crude methods to well organised scams
Human-Based Computer-Based
Wealth
personal information
Cards
Mail
public records
Information saved in our computers
Information posted on social networking sites
12. Techniques
• Rummaging through rubbish for personal
information (dumpster diving)
• Retrieving personal data from redundant IT
equipment
• Using public records about individual citizens
(electoral rolls) Stealing bank or credit cards,
identification cards, passports, authentication
tokens ( pickpocketing, housebreaking or
mail theft)
• Common-knowledge questioning (what was
your first car model?)
13. Techniques
• Skimming information from bank or credit
cards (Clone Card)
• Using 'contactless' credit card readers to
acquire data wirelessly from RFID-enabled
passports
• Observing users typing ( shoulder Surfing)
• Stealing personal information from computers
( Malware, Trojan horse, Keystroke, Other
Spyware)
• Hacking computer networks, systems and
databases (SQl Injection)
14. Techniques
• Exploiting breaches (Social Address, IC Number)
• Advertising bogus job ( Resume, CV)
• Exploiting insider access and abusing the rights of privileged IT users
to access
• Impersonating trusted organizations in emails, SMS text messages,
phone calls (Phishing)
• Brute-force attacking weak passwords and using inspired guesswork
• Obtaining castings of fingers for falsifying fingerprint identification.
• Browsing social networking websites for personal details
• Using false pretences to trick individuals (Pretexting)
• Guessing Social Security numbers by using information found
15. TOOLS
• Gunter Ollmann said, “Interested in credit card theft?
There’s an app for that.”
• The new program for infecting users’ computers is
called Zeus (inexperienced hacker can operate it)
SpyEye/ZeuS Toolkit v1.3.05
16. Warning signs
• You get an email, SMS or a phone call out of
the blue asking you to ‘validate’ or ‘confirm’
banking details.
• You notice that amounts of money go missing
from your bank account without any
explanations.
• The caller pushes you to provide personal
information and discourages you from
checking if it’s a genuine request.
• You are unable to obtain credit or a loan
because of an inexplicably bad credit rating.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28. Protect Yourself
Such organizations offer recommendations on how individuals can prevent their
information falling into the wrong hands
•If your personal information is lost, stolen, or
otherwise compromised, you can minimize the
potential damage from identity theft.
•Put a Fraud Alert on Your Credit Reports
•
Review Your Credit Reports
•
Create an Identity Theft Report
•
29. Protect Yourself
•NEVER send money or give personal details to people you don’t know
and trust.
•If you receive a call from your bank or any other organisation, don’t
provide your personal details—instead ask for their name and a contact
number. Check with the organisation in question before calling
back. NEVER rely on a number provided in an email or click on the
provided link—instead find the contact number through an internet
search or check the back of your ATM card.
•If you receive a request from a friend or family member stranded while
on holiday asking you to transfer money to them, contact them by phone
or alternative contact to verify the request is genuine before sending any
money or providing personal details.
•
30. Protect Yourself
• Regularly check your credit card and/or bank
statements to ensure that suspicious transactions are
detected.
• Log directly onto websites you are interested in rather
than clicking on links provided in an email.
• Always get independent advice if you are unsure
whether an offer or request is genuine.
31. Protect Yourself
• To reduce or minimize the risk of becoming a victim of identity theft or fraud,
there are some basic steps you can take. For starters, just remember the word
SCAM
Stingy about giving out your personal information
Check your financial information regularly
Ask periodically for a copy of your credit report
Maintain careful records of your banking and financial accounts.
33. Regional legal responses
• Australia (135.1 General dishonesty)
• Canada (Under section 402.2 of the Criminal Code of Canada )
• France (In France, a person convicted of identity theft can be
sentenced up to five years in prison and fined up to €75,000)
• Hong Kong (Under HK Laws. Chap 210 Theft Ordinance, sec. 16A
Fraud )
• India (Under the Information Technology Act 2000 Chapter IX Sec 66C)