Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Cyberside of Identity Theft GAAE Conference Georgia Perimeter College February 1, 2008.

Similar presentations

Presentation on theme: "The Cyberside of Identity Theft GAAE Conference Georgia Perimeter College February 1, 2008."— Presentation transcript:

1 The Cyberside of Identity Theft GAAE Conference Georgia Perimeter College February 1, 2008

2 Who Is at Risk? You Are!!!

3 Identity Theft What is it? Growing incidence of high-tech How does it happen? How can I prevent it?

4 What Is Identity Theft? n : the co-option of another person's personal information (e.g., name, social security number, credit card number, passport) without that person's knowledge and the fraudulent use of such knowledge --

5 Federal Identity Theft and Assumption Deterrence Act 18 U.S.C. § 1028(a)(7)‏ Federal law passed in 1998 Prohibits “knowingly transfer[ring] or us[ing], without lawful authority, a means of identification of another person with the intent to commit, or to aid or abet, any unlawful activity that constitutes a violation of Federal law, or that constitutes a felony under any applicable State or local law.”

6 Georgia Statute §16-9-121. Identity Fraud Law “A person commits the offense of identity fraud when without the authorization or permission of a person with the intent unlawfully to appropriate resources of or cause physical harm to that person, or of any other person, to his or her own use or to the use of a third party he or she: (1) Obtains or records identifying information of a person which would assist in accessing the resources of the other person; or (2) Accesses or attempts to access the resources of the other person through the use of identifying information.”

7 Identifying Information (Partial List)‏ Names (current or former)‏ Social Security numbers Driver’s license numbers Bank account/credit card numbers Birth dates Tax identification numbers Medical identifications

8 Statistics Source: Federal Trade Commission Identity Theft Data Clearinghouse report Over 674,300 consumer identity theft & fraud complaints received in 2006 36% classified as identity theft, 64% as other fraud. Reported losses of over $1.1 billion (up from $547 million two years earlier).

9 Statistics (cont.)‏ Georgia's statistics 8,084 cases reported to FTC in 2006 Sixth-highest in nation

10 ID Theft in Atlanta -- 2006 Atlanta-Sandy Springs-Marietta, GA Metropolitan Statistical Area Theft Type Complaints Percentage Credit Card Fraud1,39824.5 % Bank Fraud1,14220.0 % Phone or Utilities Fraud 91316.0 % Government Documents or Benefits Fraud 76713.4 % Employment-Related Fraud 467 8.2 % Loan Fraud 292 5.1 % Other Identity Theft1,40424.6 % Attempted Identity Theft 339 5.9 % Total:5,710

11 Statistics (cont.)‏ Losses to banks and final institutions Estimated $48 billion in 2003 Average loss per business victim $10,200 Average loss to individual victims $1,180 175 or more hours resolving problems over two or more years

12 Who Commits Identity Theft? Professional thieves Strangers Employees of businesses Family members and relatives Friends/acquaintances

13 How Does Identity Theft Occur? Non-technological methods still used “Dumpster diving” Dishonest employees Mail theft/interception Masquerading and “Social hacking” “Shoulder surfers” Telemarketing scams

14 How Does Identity Theft Occur? (cont.)‏ Technologically-based theft is growing exponentially Wireless invasion/interception Malicious software “Phishing” and “Pharming” schemes

15 Wireless Invasion/ Interception Unsecured wi-fi networks Public, “open private” or poorly secured Unsecured computers Missing password protection “Clear data” transmissions Failure to use encryption techniques Failure to use secure sites

16 Malicious Software Keyloggers and screenloggers monitor data as user inputs it, send data to remote servers for exploitation Email/IM redirectors intercept legitimate communications, relay copies to unintended destinations Session hijackers and web trojans mimic legitimate websites but aren't

17 Malicious Software (cont.)‏ System reconfiguration attacks modify network settings on user's computer “Pharming” -- redirection to a fake website

18 Data Characteristics Used in conjunction with malicious software Certain programs store data in known locations Many types of data follow specific patterns

19 “Phishing”

20 How Can I Prevent It? Total prevention is impossible! Minimize risks as much as possible Use common sense!!!

21 Protect Your Information Do not give out information unless you must! Ask why a piece of information is needed You can refuse to give information, but you may not receive the service in return Do not use your Social Security number as an identification number Needed by IRS, SSA

22 Protect Your Information (cont.)‏ Make sure you know who is requesting the information Are they legitimate? Do not give out personal information unless you initiate the call/email/web site visit

23 Protect Your Information (cont.)‏ Be especially cautious with the “big three”: Social Security number Passport number Bank/credit account numbers

24 Protect Your Technology Control access to computers and networks Passwords Minimize visibility Minimize storage of sensitive data on insecure systems If you must, encrypt it!

25 Protect Your Technology (cont.)‏ Keep safeguards up to date Operating system updates Security program updates Schedule regular system maintenance Scan at least weekly

26 Protect Your Data Never send important data to unsecure sites Look for https: as the start of the web address When using public computers Always close programs you've used Always log out properly Always clear cache and other private data

27 Further Reading GetNetWise Protecting Your Identity in the Virtual World The Crimeware Landscape wareReport.pdf wareReport.pdf

28 Resources -- Federal Agencies Federal Trade Commission Department of Justice Social Security Administration U.S. Postal Inspection Service

29 Resources – State Agencies Georgia Stop Identity Theft Network

30 Resources -- Nonprofit Organizations Better Business Bureau Identity Theft Resource Center Privacy Rights Clearinghouse

31 Opt-Out Resources http://www.dmaconsumers. org/offemaillist.html Email marketing consumers/offmailinglist.htm Direct mail marketing offers Write each credit bureau individually Credit Bureau marketing lists 1-888-5-OPTOUTPre-screened credit offers

32 In Closing This presentation is available online at

Download ppt "The Cyberside of Identity Theft GAAE Conference Georgia Perimeter College February 1, 2008."

Similar presentations

Ads by Google