Identity Theft

1 / 34
About This Presentation
Title:

Identity Theft

Description:

... as an e-mail attachment such as 'I Love You' or 'My Doom'-- consists of hidden ... Spyware blocking software (i.e. SpyBot), upgrade to ... What Can You Do? ... – PowerPoint PPT presentation

Number of Views:204
Avg rating:3.0/5.0
Slides: 35
Provided by: lda82

less

Transcript and Presenter's Notes

Title: Identity Theft


1
Identity Theft
  • Presented by
  • Lois Davis
  • Director of Academic Computing
  • Casper College

2
History of Computer Crimes
  • Viruses and Worms
  • Spam
  • Spyware
  • Identity Theft
  • Phishing

3
Virus Worms
  • Commonly spread as an e-mail attachment such as
    I Love You or My Doom-- consists of hidden
    programming instructions which can automatically
    install when you attempt to open an attachment.
    Results loss of use of computer and data.
    Motivation Bragging rights, With My Doom,
    infected computers used to rely spam.
  • Solution Current Anti-virus software.

4
SPAM
  • Monty Python sketch in flying Circus (theres egg
    and bacon, egg, sausage and bacon, egg and spam,
    bacon and spam, egg, bacon, sausage and spam,
    etc.)
  • Examples Mortgage Rates, Pills, Pornography,
    Rolex Watches
  • Buy Viagra at discounted prices
  • Motivation Selling
  • Solution Delete

5
Why Does Spam Continue?
  • Mirapont and the Radicati Group survey UK found
    nearly one-third of users have opened spam and
    one in ten has made a purchase. Spam URLs often
    link to web sites that install Spyware or other
    malicious code. If no money was gained, Spam
    would be as extinct as the Dinosaurs quoting
    Sophos representative.

6
Whats Being Done to Stop Spam?
  • It is difficult because its not illegal in
    itself.
  • System Administrators filter on KeyWords. It is
    difficult because Spammers change subject lines
    and spoof addresses.
  • Microsoft filed 46 million in damages against
    OptinRealBig.com, 1 of the big 3 spammers. As a
    result OptinRealBig.com was forced to file
    bankruptcy.

7
(No Transcript)
8
(No Transcript)
9
Spyware
  • Newer than Viruses, Worms, or Spam.
  • Identity Theft Spyware have been the main
    source IT problems within the past year.
  • Spyware is software that is installed on your
    computer in combination with a free download, a
    yes response to a Pop-up Ad, or is installed
    just by visiting a website (called drive-by
    download). Once installed, spyware transmits
    information in the background to merchants who
    reimburse spyware companies for the information
    gained to create marketing profiles
  • Symptoms Computer gradually slows to a crawl.
  • Threat Level low, all web information is
    anonymous, may result in need to reinstall
    operating system, data lost.
  • Motivation Monetary
  • Solution Install Spyware blocking software
    (i.e. SpyBot), upgrade to Windows XP2 and turn
    Pop-blocker on, and RUN SpyBot weekly.

10
PHISHING
  • E-Mail pretending to be from trusted names such
    as Citibank or Paypal, but directing recipients
    to rogue sites. Once, there recipients are
    instructed to fill in personal information such
    as Social Security number, PINS, passwords, bank
    or credit card numbers. E-Mails look authentic.
  • Symptoms None
  • Motivation Monetary, large amounts
  • Threat High, Identity Theft, bankruptcy, loss
    of credit rating, Social Security benefits

11
(No Transcript)
12
(No Transcript)
13
(No Transcript)
14
Evolution of Threats Gartner Group 2004
Visibility
Phishing
Spam
Spyware
Viruses Worms
Identity Theft
Permanent Annoyance
New Threat
Maturity
15
Statistics
  • Estimated by Gartner Group in March, 2005, 57
    million consumers had received phishing e-mails,
    and 11 million of them clicked on links taking
    them to forms that try to extract personal
    information. The screens appear to have been
    created by a financial institution or other
    trusted site. An estimated 3 million fill in the
    information, the same return for legitimate mass
    mailings.

16
Why is it Successful?
  • Best identify thefts steal an average of 700,
    not enough for prosecutors.
  • Citizens lack information
  • More than 75 of counties in the US include
    social Security numbers on public documents
  • No international agreements to bar the sale of
    phishing kits or to shut down illegitimate web
    sites

17
And yes,
  • Cons feed our fantasies (luck, recognition,
    helping hand)
  • As many as 150 million phishing e-mails are send
    out every day.
  • Conference in Kiev for people interested in
    breaking into Identity Theft where phishing
    how-to kit are sold for 270.

18
More Success
  • Ratio of risk to reward is appealing to several
    organized crime groups in Brazil and Eastern
    Europe, where the Russian mafia and offshoots
    have assembled crews of crackers, fences, and
    code writers who create and send fraudeulent
    e-mails and convert illgotten goods into hard
    currency.

19
Because
  • Consumers have become accustomed to entering
    credit card information with online purchases, to
    performing online banking
  • To decifer get to know your favorites URL,
    look for misspelling, unusual English context,
    unusual characters.
  • NEVER give out personal information that is
    solicited. Legitimate companies DO NOT initiate
    contact with you.

20
Other Methods of Identity Thefts
  • Garbage
  • USPS mail theft
  • Nigerian Scams (deposit money into my bank
    account and you will be a winner!)
  • Hackers break into servers and access
    confidential records of students and staff.
  • (CA State University, Chico, lost records of
    59,000 individuals Boston College, 100,000.)

21
Data-Brokering Companies
  • Collect personal information. Everyone from
    landlords screening tenants to insurance
    companies weighing drivers risk to human
    resource depts wondering if job applicants are
    ex-felons can buy such data.
  • Compile these reports largely by gathering public
    records

22
What Public Records
  • Property records, phone books, directory service,
    voter registration, questionnaires, warranty
    cards, catalog buyer behavior, product
    registration, motor vehicle reports, police
    reports, license and deed transfer, military
    records, bankruptcies, civil judgments, federal
    and state tax liens, birth, death, marriage, and
    divorce certificates, prior employment, education

23
Who are They?
  • ChoicePoint, Inc., US based, had sales of 795.7
    million in 2004
  • Acxiom Corp., US based, had 1 billion in sales
    (gross includes other sources of income for both
    companies)
  • LexisNexis, London based, had sales of 120
    million in 2004

24
Theft
  • In February ChoicePoint notified 145,000 people
    that their data including credit reports and
    Social Security numbers were stolenLater
    admitted to Congress they had sold the records to
    Identity Thefts by mistake.
  • LexisNexis announced that information on 32,000
    Americans had been illegally accessed by
    criminals.

25
ChoicePoint News
  • April 1 announced that it is developing an
    application that will allow consumers to view any
    information about them that the company collects
    and sells. The records sold will no longer
    include complete drivers license or Social
    Security numbersas a result of congressional
    legislation.

26
Lawsuits Target Phisers
  • Microsoft filed 117 John Doe lawsuits against
    operators of Web sites involved in phishing
    scams. The lawsuits are an attempt to discover
    who is behind the largest phishing operations and
    put them out of business.

27
What Can Happen?
  • Person using your identity creates debt
  • Person using your identity commits crime
  • Person using your identity empties your bank
    accounts, collects your Social Security
  • Detection rate of identity theft is lowest of any
    category of crime. (Jonathan Turley, professor of
    Law, George Washington University, USA Today,
    February 24.)

28
What Can You Do?
  • Obtain one free credit report every 12 months
    from each of 3 nationwide consumer reporting
    companies Equifax, Experian, and TransUnion.
    (If you have a credit score in the high 600
    range or above you should be able to obtain the
    best available rates and terms on loans. More
    often inquiries counterproductive.)

29
What Can You Do cont.
  • Shred USPS mail other documents with personal
    information.
  • Most secure way to receive USPS mail is at a POST
    OFFICE BOX
  • Ask Credit card companies not to send you blank
    checks.
  • Dont respond to Phishing E-Mail.
  • Dont respond to Spam E-Mail.
  • Keep track of all credit card purchases.

30
And do this
  • Protect Social Security Number
  • Lock your mailbox
  • Dont carry more than one or two credit cards.
    Never carry your SS card.
  • Get online passwords for your credit card
    accounts through the companies or financial
    institutions. If a credit card number is stolen,
    a password can kept a theft from accessing your
    account.

31
And maybe
  • Consider opting out of free credit card offers by
    calling 888-567-8688 or online at www.optout
    prescreen.com
  • Dont send money to get money. Dont accept
    money with the promise of wiring or mailing money
    back
  • Dont fax Social Security for possible
    employment to an unverified company.

32
Report Phishing
  • Anti-Phishing Working Group
  • http//www.antiphishing.org/index.html
  • Internet Crime Complaint Center
  • http//www.ic3.gov/

33
Identity Theft
  • Fastest-growing white-collar crime in America
    (FTC Consumer Alert 2002)
  • 27.3 million Americans have been victims of
    identity theft in the last 5 years including 9.9
    million people in the last year alone. (FTC
    Survey 2003)
  • AMEX offers Identity Theft Protection to cover
    legal fees and personal assistance.

34
Dont be Easy Pickings for Undesirables. (Excuse
the Stereotyping) THE END
Write a Comment
User Comments (0)