Presentation is loading. Please wait.

Presentation is loading. Please wait.

BAHID, Sheffield, 2 nd Nov. 2003 Identity Theft Online Angus M. Marshall BSc Ceng MBCS FRSA University of Hull Centre for Internet Computing with assistance.

Similar presentations


Presentation on theme: "BAHID, Sheffield, 2 nd Nov. 2003 Identity Theft Online Angus M. Marshall BSc Ceng MBCS FRSA University of Hull Centre for Internet Computing with assistance."— Presentation transcript:

1

2 BAHID, Sheffield, 2 nd Nov. 2003 Identity Theft Online Angus M. Marshall BSc Ceng MBCS FRSA University of Hull Centre for Internet Computing with assistance from Mike Andrews (DERIC), Brian Tompsett (University of Hull), Karen Watson (DERIC & University of Hull)

3 BAHID, Sheffield, 2 nd Nov. 2003 Identity Theft Online Examination of Nature of online identity Reasons for identity theft Methods of identity theft

4 BAHID, Sheffield, 2 nd Nov. 2003 Identity Theft Acquisition and use of credentials to which the (ab)user has no legitimate claim. Process of acquiring and using sufficient information to convince a 3 rd party that someone or something is someone or something else.

5 BAHID, Sheffield, 2 nd Nov. 2003 Types of Identity Online Personal Corporate Network

6 BAHID, Sheffield, 2 nd Nov. 2003 Personal Identity Online Artificial Created to : Verify the rights of a system user. Control access to resources/actions. Generally token-based Username & password Cryptographic keys Swipe cards, dongles etc.

7 BAHID, Sheffield, 2 nd Nov. 2003 Corporate Identity Corporate presence Web site e-mail address(es) Domain Name(s) Relationships to other bodies Logos Names Trademarks + personal identity credentials

8 BAHID, Sheffield, 2 nd Nov. 2003 Network Identity Unique within network Equipment address MAC (hardware) IP (software) Name Usually mapped to address Primarily for humans' benefit

9 BAHID, Sheffield, 2 nd Nov. 2003 Why steal an identity ? Personal Financial gain Revenge Corporate To create an air of authority/legitimacy Assist in theft of more identities Network To disguise real origin of data/traffic

10 BAHID, Sheffield, 2 nd Nov. 2003 Methods of identity theft Protocol weaknesses Gullible users Malicious software Data Acquisition

11 BAHID, Sheffield, 2 nd Nov. 2003 Protocol Weaknesses Origins of communications protocols Little security built-int Minimal verification Based on trust e.g. SMTP reliably relays the From field as presented by the sending machine. Many mail clients believe it, though it is not checked.

12 BAHID, Sheffield, 2 nd Nov. 2003 Gullible users Users are targetted by forged e-mail (requiring corporate ID theft) e-mail contains an obfuscated link to a WWW page Page appear to be legitimate (corporate ID theft) User re-enters verification tokens Criminal empties bank account. Phishing PayPal, NatWest, Halifax, Nationwide

13 BAHID, Sheffield, 2 nd Nov. 2003 Malicious Software Viruses, Trojans, Worms Attack insecure machines Servers & home systems Implant proxies, relays, servers Become distribution nodes for illegal material Hide the true source of the material Make it difficult to trace Distributed Layered

14 BAHID, Sheffield, 2 nd Nov. 2003 And there's more Data acquisition

15 BAHID, Sheffield, 2 nd Nov. 2003 Data acquisition – case study Benefits agency informed of a suspected case of benefits fraud Initial inspection Family living well beyond their visible income Large house expensive cars several expensive holidays per year Ponies & stabling Surveillance authorised

16 BAHID, Sheffield, 2 nd Nov. 2003 Surveillance Cameras & observations at post offices etc. Claimants seem to be claiming in several names Receving more than legitimate entitlement Authorisation granted to search house.

17 BAHID, Sheffield, 2 nd Nov. 2003 Search & Seizure In addition to benefits-related material Benefit books etc. Several Personal Computers Internet enabled Forensic Computing applied to recover data

18 BAHID, Sheffield, 2 nd Nov. 2003 Forensic Computing Non-invasive data recovery and examination revealed : Regular access to sites such as 192.com Data aggregator Phone books Electoral Register All for names similar to those of the suspects

19 BAHID, Sheffield, 2 nd Nov. 2003 Further computer-based evidence Multiple accesses to online loan application sites Unsecured loans £25000 maximum

20 BAHID, Sheffield, 2 nd Nov. 2003 What had been happening ? In addition to the fraudulent benefits claims (mainly for deceased relatives), the suspects seem to have been creating names similar to theirs Searching for these names on 192.com Applying for loans in these names Giving current address Giving 192.com results as previous address Receiving loans

21 BAHID, Sheffield, 2 nd Nov. 2003 How did they get away with it ? Banks, credit reference agencies have well- known process for verifying ID. Check electoral register etc. Information freely available, but made easier by aggregators such as 192.com Fraudsters had access to the same data & understood the process Virtual guarantee of success Inadequate cross-referencing and checking of historical material by lenders

22 BAHID, Sheffield, 2 nd Nov. 2003 Fraud becoming easier More personal data (already available through govt. agencies) is being put online Land Registry (name, address, size of mortgage etc.) Companies House (name, address of directors)... More opportunities for aggregation More opportunities for complete ID History to be built.

23 BAHID, Sheffield, 2 nd Nov. 2003 Solutions ? ID verifiers need to take more active role Better anomaly checking Better use of historical data Be more suspicious generally ID holders need to take more care Disclosure of secret info (PINs, passwords, Credit Card check numbers)

24 BAHID, Sheffield, 2 nd Nov. 2003 What about ID cards ? ID cards are token-based verification They are NOT the identity, just a way of attempting to verify it. They don't work at a distance – can't examine the presenter directly Once information has been disclosed to the challenging party – what happens to it? Stored, modified, re-used without permission ?


Download ppt "BAHID, Sheffield, 2 nd Nov. 2003 Identity Theft Online Angus M. Marshall BSc Ceng MBCS FRSA University of Hull Centre for Internet Computing with assistance."

Similar presentations


Ads by Google