Professional Documents
Culture Documents
Crime
CHAPTER 5
Identity Theft and
Identity Fraud
Computer Forensics and Cyber Crime, 3 rd ed. Copyright © 2013 by Pearson Education, Inc.
Marjie T. Britz All Rights Reserved
Learning Objectives
Computer Forensics and Cyber Crime, 3 rd ed. Copyright © 2013 by Pearson Education, Inc.
Marjie T. Britz All Rights Reserved
Learning Objectives
Computer Forensics and Cyber Crime, 3 rd ed. Copyright © 2013 by Pearson Education, Inc.
Marjie T. Britz All Rights Reserved
Introduction
Computer Forensics and Cyber Crime, 3 rd ed. Copyright © 2013 by Pearson Education, Inc.
Marjie T. Britz All Rights Reserved
Typologies of Internet Theft/Fraud
• Assumption of Identity
§ Involves one person assuming all aspects of
the other’s life
§ Rare, because of the difficulty in accomplishing
it
Computer Forensics and Cyber Crime, 3 rd ed. Copyright © 2013 by Pearson Education, Inc.
Marjie T. Britz All Rights Reserved
Typologies of Internet Theft/Fraud
Computer Forensics and Cyber Crime, 3 rd ed. Copyright © 2013 by Pearson Education, Inc.
Marjie T. Britz All Rights Reserved
Typologies of Internet Theft/Fraud
Computer Forensics and Cyber Crime, 3 rd ed. Copyright © 2013 by Pearson Education, Inc.
Marjie T. Britz All Rights Reserved
Typologies of Internet Theft/Fraud
Computer Forensics and Cyber Crime, 3 rd ed. Copyright © 2013 by Pearson Education, Inc.
Marjie T. Britz All Rights Reserved
Typologies of Internet Theft/Fraud
Computer Forensics and Cyber Crime, 3 rd ed. Copyright © 2013 by Pearson Education, Inc.
Marjie T. Britz All Rights Reserved
Prevalence and Victimology
Computer Forensics and Cyber Crime, 3 rd ed. Copyright © 2013 by Pearson Education, Inc.
Marjie T. Britz All Rights Reserved
Prevalence and Victimology
Computer Forensics and Cyber Crime, 3 rd ed. Copyright © 2013 by Pearson Education, Inc.
Marjie T. Britz All Rights Reserved
Prevalence and Victimology
• Factors:
§ Loss of consumer confidence
§ Delay in victim awareness
§ General lack of reporting
Computer Forensics and Cyber Crime, 3 rd ed. Copyright © 2013 by Pearson Education, Inc.
Marjie T. Britz All Rights Reserved
Prevalence and Victimology
Mail Theft
• Information stolen from mailboxes, including credit card
offers, government documents, like Social Security
statements and passports, for example.
• Popcorning: steal information by looking for raised flags
which signal outgoing mail
Dumpster Diving
• Searching waste receptacles for identification information
Computer Forensics and Cyber Crime, 3 rd ed. Copyright © 2013 by Pearson Education, Inc.
Marjie T. Britz All Rights Reserved
Physical Methods of Identity Theft
• Theft of Computers
§ Physical theft of computers, especially laptops,
from airports, hotel rooms, homes, and offices,
because they contain personal information
Computer Forensics and Cyber Crime, 3 rd ed. Copyright © 2013 by Pearson Education, Inc.
Marjie T. Britz All Rights Reserved
Physical Methods of Identity Theft
• Bag Operations
§ Theft of intelligence
§ By governmental intelligence operatives
§ Often committed in hotel rooms
§ Often done by using corrupted hotel
employees
§ Easier to do because of portable mass storage
media
Computer Forensics and Cyber Crime, 3 rd ed. Copyright © 2013 by Pearson Education, Inc.
Marjie T. Britz All Rights Reserved
Physical Methods of Identity Theft
• Child Identity Theft
§ Typically committed by parents
§ Dramatically increasing
§ Problems include delayed identification; also,
not within the purview of child welfare
agencies
Computer Forensics and Cyber Crime, 3 rd ed. Copyright © 2013 by Pearson Education, Inc.
Marjie T. Britz All Rights Reserved
Physical Methods of Identity Theft
• Insiders
§ Since committed by employees, intentionally
or accidentally, perhaps the greatest threat
• Fraudulent/Fictitious Companies
§ Very sophisticated
§ Involves the creation of shell companies to
gather personal information
Computer Forensics and Cyber Crime, 3 rd ed. Copyright © 2013 by Pearson Education, Inc.
Marjie T. Britz All Rights Reserved
Physical Methods of Identity Theft
• Card Skimming
§ Theft of personal information encoded on the
magnetic strip of credit/debit card
• ATM Manipulation
§ Includes stealing personal information, like
PIN, through use of fraudulent ATM
Computer Forensics and Cyber Crime, 3 rd ed. Copyright © 2013 by Pearson Education, Inc.
Marjie T. Britz All Rights Reserved
Virtual or Internet-Facilitated
Methods
• Capitalizes on the nature of the world wide
web, built for efficiency and not security
Computer Forensics and Cyber Crime, 3 rd ed. Copyright © 2013 by Pearson Education, Inc.
Marjie T. Britz All Rights Reserved
Virtual or Internet-Facilitated
Methods
• Phishing
§ Involves fraudulent e-mails seeking
information (such as the infamous Nigerian
419 letter), use of fake web sites
§ Difficult to identify offenders
• Variations include:
§ Spoofing: Soliciting funds via false, but
apparently authentic, communications
§ Pharming: Redirecting connection from
legitimate IP address to redirect to a mirror
site
Computer Forensics and Cyber Crime, 3 rd ed. Copyright © 2013 by Pearson Education, Inc.
Marjie T. Britz All Rights Reserved
Virtual or Internet-Facilitated
Methods
§ Redirector: Malware redirects traffic to
undesired site
§ Advance-fee/419 fraud: Strangers deceiving
people into providing financial information,
often due to a promise of a windfall
§ Phishing Trojans or spyware, often to create
botnets
§ Floating windows, placed over address bar of a
browser, to site to steal personal info
§ Botnets: Change Web site IP address without
changing domain name, to steal info and
spread malware
Computer Forensics and Cyber Crime, 3 rd ed. Copyright © 2013 by Pearson Education, Inc.
Marjie T. Britz All Rights Reserved
Virtual or Internet-Facilitated
Methods
• Spyware and Crimeware
§ Spyware: takes control of computer's
interactions with users to capture info
§ Crimeware: spyware to achieve identity theft,
other economically motivated crimes
Computer Forensics and Cyber Crime, 3 rd ed. Copyright © 2013 by Pearson Education, Inc.
Marjie T. Britz All Rights Reserved
Virtual or Internet-Facilitated
Methods
• Trojans
§ Can have an apparently legitimate purpose;
often, keyloggers, password-stealers, or
installers of back doors
Computer Forensics and Cyber Crime, 3 rd ed. Copyright © 2013 by Pearson Education, Inc.
Marjie T. Britz All Rights Reserved
Crimes Facilitated by Identity
Theft/Fraud
• Aim: Anonymous entry into private areas
to transfer resources
• Typically a four-phase process:
§ Procure stolen identifiers
§ Create or secure of a breeder document (birth
certificate, driver's license, etc.)
§ Use breeder document to create additional
fraudulent documents and solidify an identity
§ Employ fraudulent identity to commit criminal
act
Computer Forensics and Cyber Crime, 3 rd ed. Copyright © 2013 by Pearson Education, Inc.
Marjie T. Britz All Rights Reserved
Crimes Facilitated by Identity
Theft/Fraud
• Insurance and Loan Fraud
§ Get government loans, enroll at legitimate
institution, drop out, pocket the moneys,
disappear
Computer Forensics and Cyber Crime, 3 rd ed. Copyright © 2013 by Pearson Education, Inc.
Marjie T. Britz All Rights Reserved
Conclusions and
Recommendations
• Restrict access and publication of social security
numbers.
• Ban the sale of social security numbers.
• Require the oversight of data-selling companies.
• Require enhanced identity authentication
practices.
• Develop a standardized police report.
• Develop civil remedies and criminal penalties
directly proportionate to the loss suffered.
• Provide civil remedies for victims.
Computer Forensics and Cyber Crime, 3 rd ed. Copyright © 2013 by Pearson Education, Inc.
Marjie T. Britz All Rights Reserved
Conclusions and
Recommendations
• Develop incentives for businesses, financial
institutions, and consumer reporting agencies.
• Hold credit reporting agencies and lenders
responsible for their mistakes.
• Provide for ongoing funding for research,
enforcement, and public education ID theft/fraud.
• Mandate incident reporting.
• Create a centralized incident database.
Computer Forensics and Cyber Crime, 3 rd ed. Copyright © 2013 by Pearson Education, Inc.
Marjie T. Britz All Rights Reserved