Identity theft identity fraud & phishing: case study

Abstract
Identity theft is often perceived as one of the major upcoming threats
in crime. However, there is no commonly accepted definition of
‘identity theft’ or ‘identity fraud’, and it is impossible to study the real
threat of this phenomenon without conceptual clarity. In this article,
we attempt to provide a starting point for policy and research by
proposing some definitions. We indicate that what is usually called
‘identity theft’ (defined as fraud or another unlawful activity
where the identity of an existing person is used as a target or
principal tool without that person’s consent) is part of the larger
issue of ‘identity fraud’. This, in turn, is a subset of the umbrella term
‘identity-related crime’, which we define as all punishable activities
that have identity as a target or a principal tool. We argue that it is
relevant to look at this broader picture, since not only identity ‘theft’,
but also consensual yet unlawful identity changes as well as
unlawful identity deletion should receive the attention of policy-
makers and legislatures.
Introduction

Introduction
‘Identity thieves make thousands of victims!’ is a typical
headline of current e-zines. One pictures
thousands of people panicking and pursuing thieves running
away with their identities. Reality is
different, of course. Identity criminals do no steal identities: they
use identity as a tool to steal money.
And the typical victim does not notice the crime until long
after the criminal has booked a one-way ticket to the tropics.
A good reason to have a look at the terminology of ID
‘theft’, ID fraud, and ID-related crime. The threat of
identity theft is increasingly felt, not only in the United
States, where reports present shocking figures and ring alarm
bells loudly (see for instance [FTC06]), but also in Europe

However,
what is called ‘identity theft’ or ‘identity fraud’ in these
reports is not clearly delineated. In fact, there
is no commonly accepted definition of ‘identity theft’ or
‘identity fraud’, and it is impossible to study the
real threat of this phenomenon when the prevalent literature
can only compare apples and oranges. It is
therefore necessary to delineate exactly what is meant by
these terms.attempts to suggest definitions for the notions
of ‘identity theft’ and ‘identity fraud’, and proposes the
term ‘identity-related crime’ as a useful umbrella term.

1 Some existing definitions

Identity theft
Identity Theft is a crime in which an impostor
obtains key pieces of personal Identifying
Information (PII) such as Social Security Numbers
and driver’s license numbers and uses them for
their own personal gain.

How does it happen?

• License Stolen wallet - Driver license ID - Credit
cards - Debit cards - Bank accounts checks; last
withdrawal banking statement - Health insurance -
Auto registration and insurance card - Frequent
flyer card
• Pilfered mail
• Computer virus
• Phishing and Social Engineering - Links to
fraudulent web sites - Email - Phone call - Mail
• Social Networking plate
• Health records
• Financial Data
 What is identity fraud

As noted above, identity theft and fraud usually refer to the

same crime. Still, one could make the case that the fraud is
the actual use of the stolen information for illicit gain.
What kinds of crimes can be committed once thieves are able
to have others’ personal information? All sorts of them as it
turns out.
While the list of identity fraud crimes is a long one, the
Federal Trade Commission breaks them down into six major
categories:

 Credit card fraud: Using someone else’s credit card or

credit card number to make fraudulent purchases
 Employment or tax-related fraud: Using someone
else’s Social Security number and other personal
information to gain employment or file an income tax
return
 Phone or utilities fraud: Using another person’s
personal information to open a cell phone or utility
account
 Bank fraud: Using someone else’s personal
information to take over an existing financial account or
to open a new account in someone else’s name
 Loan or lease fraud: Using someone else’s personal
information to obtain a loan or lease
Real life case of banking fraud
The Himalayan Times Kathmandu,
November 23 The Central Investigation Bureau (CIB) of Nepal
Police has again arrested two former high-ranking officials of then
Kist Bank — then deputy managing director BN Gharti and another
official Pragun Shrestha — who had been convicted of a banking
fraud, from Kathmandu on Wednesday. Deputy Superintendent of
Police at CIB Shyam Oliya has confirmed that they were arrested and
are being interrogated for the banking fraud charge that has been
levelled against them. “There are other high ranking officials that we
suspect of being complicit in the scam and they are under our radar,”
he added. “We will make their names and details of their misdeeds
public on Saturday.” CIB had earlier arrested Gharti on charge of
banking fraud on November 24, 2013. According to the CIB, Gharti
was arrested along with two other Kist Bank officials. At that time
Gharti was heading the management of Kist Bank after its managing
director Kamal Gnawali was forced to resign in June that year after he
was charged with banking fraud. In a recent development related to
the case, Gnawali was arrested from Mohana bridge on the border
between Kailali and Kanchanpur districts on October 6. Gnawali had
been absconding since being convicted of the aforementioned crime.
Gnawali had been on the run after Patan High Court in 2016
convicted him of banking fraud and embezzlement and sentenced him
to four years in prison, along with a penalty of Rs 42.68 million. The
case is related to embezzlement of loan amount worth Rs 130 million
taken from Siddhartha Development Bank. An investigation
conducted by Nepal Rastra Bank had found that Gnawali, who was
 also a shareholder at Siddhartha Development Bank, had used his
personal influence while taking a loan in his wife’s name by keeping
a plot of land as collateral at a highly inflated rate. The actual
valuation of the and, as revealed by subsequent investigation, was
only Rs 60 million. Moreover, Gnawali, Gharti and the management
team of Kist Bank had provided a loan of Rs 120 million to Jamko
Publication that was disproportionate to the value of the collateral
pledged by Jamko thus going against the investment policy of the
bank. A version of this article appears in print on November 24, 2018 of
The Himalayan Times.

How to protect online from identity theft

Keep a close eye on your accounts

Beware of spam emails

Create more difficult passwords

Use a password manager

Protect your Internet usage

Secure your Social Security Number

Review your credit information every year

Put your mail on hold during long absences

• identity takeover, when someone takes over the
ide
• identity delegation, when someone uses
someone else’s identity with that person’s
consent;
• identity exchange, when two or more people,
with mutual consent, use each other’s identity;
• identity creation, when someone creates the
identity of
2 Identity-related Crime