Introduction
Identity theft fraud is becoming arising common issues around the world including Malaysia, as fraudsters discover more and more ways to get the information which is required to steal someone’s identity. The fraudsters will always keep updated with the technology changes in order to keep avoiding from being arrested. Identity theft involves unauthorized taking of a victim’s personal possessions by involving the perpetrator of the crime taking the victim’s personal information and then using it in an authorized way for their own personal gains.
Identity theft cases in Malaysia come in many forms which is are reported to the law enforcement bodies. The most popular method that the perpetrators used in order to stealing identity information are by access to bank accounts by using phishing emails, offering fake job vacancies on job websites and also phone fraud. There are also other cases of identity theft such as the cloning of ATM card, credit and debit cards, loan and insurance frauds, online purchasing of goods and services and fraudulent registration of vehicles and utilities.
According to statistics, cases involving identity theft fraud have increased over the past 10 years as many people actually do not aware and still ignorant to the existence of identity theft. The reliance on technology and a global information infrastructure such as modern payment system has increased the growth of identity theft cases.
Definition
Identity fraud is the unauthorized use of someone’s personal information for illicit financial gain. Identity fraud ranges from using a stolen payment card account for a fraudulent purchase to opening fraudulent new accounts.
Identity theft is unauthorized access to personal information. It can occur without identity fraud, such as through data breaches. Once the theft is used for illicit financial gain, it will considers as identity fraud.
Identity Fraud Trends
Types of Identity Fraud
The types of identity theft present in our daily lives today are as numerous as they are dangerous and anyone can become a victim. This crime is possible wherever there are opportunities for fraud perpetrators to access and use our personal information for their own benefit. Below are some of the most common types according to identity theft statistics.
Social Security Identity Theft
This one of the most common types of identity theft because the social security number (SSN) is the most valuable government-based identity asset an American can possess. Once our social security number is stolen, fraud perpetrator can either sell it to undocumented workers or use it to steal property and money, or access opportunities and services available only to social security holders.
If our SSN is stolen, there is also the possibility that the identity theft will use our personal information to forge fraudulent documents like passports or open credit card accounts. So that, it is important for us to secure this information and keep our SSN safe from criminals whose sole intent is to use it for their own personal gain.
Financial Identity Theft
Financial identity theft occurs when a person’s credit card and bank account information is stolen and used to purchase goods and services. Oftentimes, the fraud perpetrator will reach until the maximum limit of credit cards or even use account information to access new credit cards or financial services.
This can result in not only a significant loss of money but also prove dangerous or high-risk to an individual’s future purchasing power or financial security. Financial identity theft can result in a low credit score or can lead to serious debts, the inability to access home ownership, and so on.
To prevent such situation, individuals can seek help from the top identity theft protection services. This will enable them to regularly track credit card purchases and receive notification if suspicious purchases have been made every single day. In addition to monitoring our financial accounts, we also need to access safeguards which increased personal information security depending on the type of service we purchase.
Driver’s License Identity Theft
It doesn’t take an expert criminal mind to commit this crime. All the perpetrator needs are access to our driver’s license which can easily occur if we lose it and it falls into the wrong hands.
This identification card can be sold off to another if for instance the person looks similar to the picture on our driver’s license. But in most instances, criminals use our driver’s license in order to hide or protect their own identity if they are caught in compromising or dangerous situations on the road such as reckless driving. When they identify themselves based on the information on our ID they will successfully be able to avoid from going to court or receiving charges as we will be the one the police will attempt to locate, at least in the initial stages.
If the perpetrator is successful, our driving record will be compromised and making life more difficult for us in the future. To prevent this from occurring, secure our driver’s license. We may also make a report to the police if we have lost our license to prevent it from being used indiscriminately.
Criminal Identity Theft
As one of the most common types of identity thefts in America, criminal identity theft affects numerous individuals. This kind of identity theft fraud occurs when an individual commits a fraud or crime under another person’s name. During the process of the criminal act or upon being arrested by law enforcement agents, the criminal will even use a fraudulent ID with the victim’s name and other details.
In order to protect ourself from criminal identity theft, we need to secure our personal information. This includes safe Internet practices and habits as well as purchasing identity monitoring services from reputable identity protection agencies.
Also look out for “shoulder surfers”, individuals who may stay close behind us in an attempt for them to steal information as we use ATMs or type passcodes into computers or mobile devices.
Medical Identity Theft
Medical identity theft occurs when the criminals use an individual’s personal information such as medical identification numbers to access medical products and services. This is one of the most prevalent forms of identity theft with an estimated 2.3 million adults in America affected in 2014 alone. It can lead to financial losses as well as future issues arising from incorrect information present on a victim’s medical history.
Let say our personal information was used to enable a medical procedure or access to specific prescription drugs. In the future this information may be used by medical professionals as they make decisions related to our health. In a case where we are unable to inform them of the error on our record, it could lead to decisions that affect our health and wellness adversely.
In order to prevent these adverse effects, secure our personal information as best as possible. Also report the loss of our medical ID card or any other information we may suspect has been stolen.
Insurance Identity Theft
This type of identity theft fraud is closely related to the medical identity theft. It occurs when the perpetrators steal medical identity information to access the victim’s insurance in order to receive medical treatment. This may have serious impact on the victims as it can lead to the higher insurance premiums and huge medical bills.
The victims must protect themself from this kind of fraud by implementing the same procedures they would use for the most common types of identity thefts. Once they secured their personal information, they’ll feel much more self-assured as well.
Synthetic Identity Theft
Synthetic identity theft is one of the most sophisticated kinds of identity fraud. It sounds rare. This kind of identity theft fraud occurs when criminals use your Social Security Number in combination with fake information. They may use a combination of fake credentials including addresses, names, birth dates and other details resulting in the creating of new identities.
This will enable the fraudsters to open new credit card accounts or access other financial services. They may also use their new identities to build credit or apply for jobs. It is important to note the fact that the main identifying source of information is the stolen Social Security Number. Everything else is a tangled-up mess of lies aimed to deceive the victims, lenders and law enforcement agents.
Since this is one of the most difficult types of identity theft fraud to prevent it is important for the individuals to access the best identity theft protection services available to them.
Tax Identity Theft
Tax identity theft manifests itself through fraudulent tax refund claims. Criminals send these claims to the Internal Revenue Service (IRS) using stolen personal details such as victim’s SSN and name. This can delay victim’s ability to access legitimate tax refunds, causing frustration and loss of funds.
Prevent tor reducing he possibility of becoming victim to tax identity theft fraud by employing safe Internet practices as phishing emails are one of the ways in which criminals can easily steal personal information. The victims also must be cautious in instances where information such as their Social Security Number is solicited. Ensure the request is from a legitimate individual or entity before giving out this information.
Child Identity Theft
This occurs when a child is the victim of the crime. Identity thieves sometimes use a child’s SSN or other personal details to defraud government or access loans or other services. They may also use these details to commit crime.
Prevent the child’s personal details from being used by applying the same preventative measures we would use to protect our own personal information. Teach the child to be cautious about revealing personal information, especially to strangers. This will help young children develop habits that will protect them from the terrors of fraud throughout their lives.
Identity Theft Fraud Schemes
Non-Technological Schemes
Dumpster Diving
Dumpster diving occurs when someone goes through someone else’s garbage to obtain personal identifiable information off items found in the trash, such as credit card bills, utility bills, medical insurance, and bank statements.
To protect ourselves, we should shred everything before disposing of it with a cross-cut paper shredder. Another method to use is to go paperless by receiving statements and making your payments online. Keep track of our credit report and report any discrepancies to your credit card company and credit bureaus.
Shoulder Surfing
This attack may occur anytime when we use a password or a device that stores PIN numbers, such as at an ATM. The identity thief attempts to get close enough to us so that when we enter password information, such as a PIN number, the thief records the password. Although this can typically occur in a public setting, where the victim is and their credentials are in plain sight, it may also occur through a video camera setup by the criminal.
To prevent this from happening, we should be aware of our surroundings when we are accessing any accounts that require us to enter a password or PIN in public. If someone stands too close to us, do not be afraid to ask the person to move back. If he/she is not willing to do so, let the person go first. Remember, it is better to be safe than sorry. If we do not feel safe, try using another machine.
Another method we can use is to try to use cash for our transactions or use a pre-paid credit card. Do not write down our passwords where someone can find them, such as our wallet or purse. Also, take advantage of credit reports, which will help us analyze whether anyone has stolen our identity to access our bank accounts.
Social Engineering
Social engineering is the practice of someone either in person, over the telephone, or computer, uses means to deceive someone else into divulging sensitive information. Usually, social engineers already know some information that will lead the victim to believe they are legitimate and give the information asked. Social engineering is commonly known as a “con game” and is perpetrated by “con-men.”
To prevent this, stay diligent. Do not give out any personal information to anyone that we do not know. If in doubt, do not be afraid to obtain the person’s contact number and let him/her know that we will call him/her back. Verify the person’s identification. Also verify with others or verify with the company the person is representing that such information is really needed.
Technological Schemes
Pretexting
Pretexting occurs when a thief has done prior research on the victim’s personal information and uses this information to bait the victims to release more sensitive information, such as a credit card number or Social Security Number. The schemer will call the victim on the telephone and lead them to believe they are a business that requires this information. Most people tend to believe them, since they have their name, address, and telephone number.
To prevent this, the victims must verify with whom they are speaking to. Ask for a call back number, and question why they need this information. Look for the telephone number of the company the individual says he or she works for. Call the company and ask for the legitimacy of the request.
Man-in-the-Middle Attack
This type of theft involves criminally intercepting communication between two parties and recording the information without the two parties ever knowing about it. The criminal then uses this information to access accounts and possibly steal the user’s identity.
A common scenario consists of making an online search for the URL address of a company, such as a financial institution. Once found, the victim will click on the link to access the website (for example http://www.financialinstitution.com.) However, when the website appeared on your screen, the victim did not notice that the URL web address changed to http://www.atacker.com/http://www.server.com. This is a website that is actually re-directing the victims to another website that mirrors their financial institution’s website. All the information that the victims had entered on this website is rerouted to their financial institution and the information that their financial institution sends to them is re-routed to them. The schemer is recording all the transactions that are taking place between the victim and the institution. The objective is to obtain the victim personally identifiable information, their login and password numbers, or their credit and/or debit card number.
Pharming
This can happen when a hacker tampers with a website host file or domain name system so that URL address requests are rerouted to a fake or spoofed website created by the hacker to capture personal identifying information from victims. The victim then thinks that they are on a trusted website, and are more willing to enter their personal information, such as credit card numbers, social security numbers, and addresses. The hacker then uses that information to commit identity theft.
The possible victims must protect themselves from this type of theft by checking for the padlock symbol in the right-hand bottom of the website scroll bar if it is a merchant website. If it is an organization or an affiliation, contact the website administrator or the organization via phone or email to verify that such information is actually needed before entering in any information.
If the victim entered their credentials without questioning the request and later hear that there’s a phishing scheme going on, request that their account be terminated. The victims must review their credit report to verify that there’s no unauthorized activity.
Prevention for Identity Theft Fraud
If we didn’t want to use the existing credit cards, please do not throw away. Same goes to the ATM receipts, credit statements, or bank statements in a usable form.
If we receive any phone call from unrecognized person, never give our credit card number over the telephone unless we make the call.
Make the activity of reconcile the bank account as monthly routine and notify our bank of discrepancies immediately.
We must keep a list of telephone numbers to call to report the loss or theft of the wallet, credit cards, etc and bring it everywhere we go.
If there are any unauthorized financial transactions in the bank account, please make report to the bank, credit card company, and the police as soon as you detect them.
Reviewing a copy of credit report must be done at least once each year. Notify the credit bureau in writing of any questionable entries and follow through until they are explained or removed.
If our identity has been assumed, ask the credit bureau to print a statement to that effect in our credit report.
If we know of anyone who receives mail from credit card companies or banks in the names of others, report it to local or federal law enforcement authorities.
The Causes or Opportunity that Identity Theft Fraud Becomes Vulnerable
Identity theft fraud often involves stealing of electronic data. It is very time-consuming for victims to fight towards it and takes a long time to recover from. Often, the perpetrators are never caught, and the victims’ credit scores suffer tremendously. Accordingly, smart consumers will check their credit often (normally in monthly basis) in order to detect identity theft before it gets out of hand (or statutes of limitation occur), they will avoid giving data out unnecessarily, and they are alert to changes in normal financial routines, such as bills that no longer arrive, mysterious bank charges, or communications from the IRS that more than one tax return was filed in their name.
In public places, for example, criminals may engage in “shoulder surfing”, which is the criminals will watch the probable victim from a nearby location as the victim punch in their telephone calling card number or credit card numberĀ or listen in on that conversation if the victim give their credit-card number over the telephone.
If we receive applications for “pre-approved” credit cards in the mail, but discard them without tearing up the enclosed materials, criminals may retrieve them and try to activate the cards for their use without our knowledge. Also, if our mail is delivered to a place where others have ready access to it, criminals may simply intercept and redirect our mail to another location.
Many people respond to “spam”, which is unsolicited E-mail, that usually make promises to them some benefit but requests identifying data, without realizing that in many cases, the requester has no intention of keeping his promise. In some cases, criminals reportedly have used computer technology to steal large amounts of personal data.
References
https://www.merriam-webster.com/dictionary/identity%20thefthttps://www.mountainalarm.com/blog/9-most-common-types-of-identity-theft/https://www.fbi.gov/scams-and-safety/common-fraud-schemes/identity-thefthttp://www.utica.edu/academic/institutes/cimip/idcrimes/schemes.cfmhttps://www.javelinstrategy.com/coverage-area/2018-identity-fraud-fraud-enters-new-era-complexityhttps://www.justice.gov/criminal-fraud/identity-theft/identity-theft-and-identity-fraud