Information Technology has grown tremendously during the last few decades and the Internet has become the main source of knowledge. The latest information and the current technology are available through the Internet making it the most valuable source of information to almost all people from the novice to the expert in all fields of knowledge. With the increase in use of the
Internet as well as the Internet enabled devices and all the data moving towards cloud it’s also creating a danger for the users to become a victim of cyber crimes.
We try to explore some of these cyber crimes and the ways to protect from them. There are various types of cyber crimes taking place in various cyberspaces all over the world then we will focus and explain one of the major cyber-crimes commonly known as: identity theft or identity fraud. We also discuss the ways to protect ourselves from such crimes with help of few user-friendly tricks.
Identity theft is the most commonly occurring cyber crime and is a great threat toward the economy of an organization as well as governments as it targets the e-commerce system as well as banking and other financial systems. Identity theft also includes impersonating a person and using that knowledge for disastrous purposes.
The growing danger from crimes committed against computers, or against information on computers, is beginning to claim attention in national capitals. In most countries around the world, however, existing laws are likely to be unenforceable against such crimes. The rule of law must also be enforced. Countries where legal protections are inadequate will become increasingly less able to compete in the new economy. As cyber crime increasingly breaches national borders. It is essential for nations to safeguard their cyberspace.
The effects of a single, successful cyber-attack can have far-reaching implications including financial losses, theft of intellectual property, and loss of consumer confidence and trust. The overall monetary impact of cyber crime on society and government is estimated to be billions of dollars a year. At an organizational level, cyber crime may involve the hacking of customer databases and theft of intellectual property. Many users think they can protect themselves, their accounts, and their computers with anti-spyware and anti-virus software only.
Cyber criminals are becoming more sophisticated and are targeting consumers as well as public and private organizations. Therefore, additional layers of defense are needed. Nowadays, there is a huge variety of cyber threats that can be quite dangerous not only for big companies but also for ordinary user, who can be a potential victim for cyber-criminals when using unsafe system for entering confidential data, such as login, password, credit card numbers, etc. Among popular computer threats it is possible to distinguish several types of them depending on the means and ways they are realized. They are phishing, exploiting vulnerabilities, threats for mobile phones, IP-communication threats and social networking threats and even spam.
All of these threats try to violate one of the following criteria: confidentiality, integrity and accessibility. Lately, malicious software has turned into big business and cyber criminals became profitable organizations and able to perform any type of attack.
Phishing is a current social engineering attack that results in online identity theft. In a phishing attack, the attacker persuades the victim to reveal confidential information by using web site spoofing techniques.
Social engineering is one of the strongest weapons in the armory of hackers and malicious code writers, as it is much easier to trick someone into giving his or her password for a system than to spend the effort to hack in. By 2007 social engineering techniques became the number-one method used by insiders to commit e-crimes, but unsuspecting users remain the predominant conduit for the authors of malicious code.
Identity theft is a one of the fastest growing crimes in which a hacker acquires confidential pieces of personal information in order to use it for own personal gain and harming the target financially or socially. Microsoft extends the definition of identity theft to be any kind of fraud that results in the loss of personal data, such as passwords, user names, banking information, or credit card numbers. Identity theft techniques can range from unsophisticated, such as mail theft to sophisticated tricks like credit card frauds in which a pretender adopts somebody else’s identity to gain access to their assets. Identity theft is not new, and there have always been frauds that would use someone’s personal information such as name, e-mail ids, credit card number or other identifying information to carry out fraudulent activities. However, technology, mainly the Internet, facilitates more harming schemes that in many cases results in financial loses and in some cases the victims of identity may experience difficulty obtaining credit or restoring their name and the public knowledge if any harm is done publicly. As well more than 50 percent don’t even know that the security of their account has been compromised, so many of these identity thefts/frauds cases go unnoticed and are not reported to the law enforcement agencies.
How to prevent yourself from Identity Theft attacks
The following techniques if used properly can help in bringing down the rate of identity theft related attacks:
• User Awareness: User awareness is very important when it comes to battle identity theft as most of the users are unaware of the techniques used for these attacks they fall victim to them or are unable to detect these attacks due to lack of knowledge. Organizations need to properly brief their employees regarding identity theft attacks and countermeasures for these attacks.
• Keep strong and complex passwords: As the statistics have shown that more than 50% of people use simple or top ten passwords for almost all their accounts this can lead to disastrous results in case security of one account is compromised. Don’t use passwords like: passwords, 12345, QWERTY, iloveyou etc.
• Use password managers: Password managers help in setting strong complex passwords and the users doesn’t has to remember them as they are used in the software’s database so it leads to less probability of security breach from dictionary or brute force attacks. LastPass is a good example of password manger software.
• Use two-factor authentication: Two Factor Authentication is a security feature that adds an extra layer of authentication and helps in preventing the user account even if login credentials are compromised.
• Use virtual keyboards on public workstations: As public workstations might have Trojan software or keyloggers installed that can record every keystroke that user makes virtual keyboard help in mitigating that problem.