Computer Crimes Essay
In addition to the security of personal time and space, each person seeks to ensure that his or her personal data are unavailable to the public. However, this goal is not always achievable, since at the moment, identity theft is among the fastest growing financial crimes. The theft of personal information and its later use for fraudulent purposes is not a new type of criminal activity. However, during the last decade, the fraud through the use of stolen personal data has acquired such scale that it has become a problem of national significance for the United States. The electronic age has also opened the possibility of abusing the social security numbers of citizens. Since many operations on processing applications for state benefits, allowances, and pensions are now committed electronically, scammers who possess stolen personal information easily pretend to be other citizens and get the state aid under their name. Another common type of abuse is the purchase of cars and rental of apartments at somebody else's expense. All these facts contribute to the relevance of the selected topic. Therefore, the following research is dedicated to the study of the problem of identity theft, the identification of methods used by the criminals to seize personal data, and possible solutions to this issue.
The crime known as identity theft takes place when a criminal steals information about another person, mostly the social security number (SSN) or the driver's license. After that, he or she uses this information in order to impersonate an individual, from whom it was stolen, with the purpose of a material gain (Hanel, 2011). It is often referred to as a white-collar crime, since it often involves the representatives of "white collars" – the personnel engaged in the administrative work. For example, employees of a bank or any other financial institution who have access to the personal data of their clients, namely, SSN or the credit card number, may use it for their malicious purposes (Gottschalk, 2010). As a result, the theft of personal information is a rather uncomplicated crime, since even a small amount of personal data allows the criminals to achieve a variety of results. First of all, by using the stolen data (name, social security number), the criminals can open an account and draw up a new credit card. As a result, all the bills of the scammer will be paid by his victims. Moreover, scammers may call the issuer of the credit card of the victim, and, by hiding behind his or her name, change the mailing address for the account. In order to gain the trust of their future victims, many criminals are using their ethnic, religious or any other professional community. In particular, people engaged in administrative work (the white collars) often possess developed communicational and psychological skills, which are required in their line of work. Therefore, they are aware of the characteristic features of a man's nature to trust someone who is similar to him in some way (Benson & Simpson, 2009). Often, the white collars who act as the organizers of fraud are the members of such community or declare their affiliation to it, referring to themselves as its authoritative and respected members. The victims of these scams often prefer to deal with the problem on their own within a community or group. Finally, some employees from the rank of white collars may use the so-called black box for organizing the fraud. This device stores the data about credit card numbers of the visitors of the city's restaurants and shops, which can be used to manufacture fake credit cards (McNally, 2012).
Due to its simplicity and the growing popularity of services that are provided remotely, identity theft has become widespread in the United States in the XX century. Most of these crimes are associated with the prevalence of SSN as an identifier for the individual. According to the estimates, the price for a set of information for identity theft, including the address and SSN, ranges from 16 to 30 dollars on the black market, making this crime accessible for almost anyone (McNally, 2012). The probability of becoming a victim of this crime is estimated to be about 2% for the average American citizen (Hoffman & McGinley, 2010). Although this figure is low, the number of cases of identity theft grows with each passing year, making it the most rapidly spreading white-collar crime and the problem of national significance.
Methods and Solutions to Identity and Data Theft
In order to address the issue of identity theft, it is imperative to study the methods used by the criminals to acquire personal information. Therefore, it should be noted that the primary reasons for an increase in the number of cases of identity theft can be divided into two groups. First of all, there are subjective reasons associated with a lack of awareness and responsibility of the participants of information relations in the field of protection of their interests. In particular, personal data may be acquired physically (McNally, 2012). For example, a thief may steal a wallet that contains a driver's license, a credit card or even SSN besides money. In some cases, dishonest employees of financial institutions may seize documents forgotten by the client. Moreover, a scammer may even use a transactional data on the trading slip that has been thrown away by the cardholder. It should be noted that the last two methods of identity theft are often used by dishonest white collars (the administrative workers), since their job often provides them with access to private information in its physical manifestations (documents, checkbooks, and trading slips). However, remote ways of stealing data are more widespread and thus it is much easier to conceal a theft. The most common of them is phishing – sending an e-mail under the name of a bank or financial institution with a request to confirm some information from the user profile, namely the password or username (Rule & Greenleaf, 2008). The retrieved data may be used to acquire a full access to the profile and get all the private information from it. Phishing can also be performed via SMS or voice messages. Therefore, the negligence and low awareness of the clients are one of the primary causes of an increase in the number of cases of identity theft (Weisman, 2014). According to the data of the Federal Trade Commission, more than half of the victims of identity theft knew how the criminals managed to get access to their finances. They have either lost their credit cards and checkbooks or found out that someone has stolen their mail (Hoffman & McGinley, 2010).
The most basic and, at the same time, the most difficult solution to this problem is raising of awareness of individuals of their security in the use of Internet services. This measure can be implemented through various visual aids, memos, specialized pages on the financial institutions' websites, and promotional materials. Banks should persistently notify their clients about security measures and give them a detailed guidance on the application of protective measures, including anti-virus software with features protecting from spyware (Rule & Greenleaf, 2008). Despite all the difficulties associated with its implementation, this solution is of utmost importance, since identity thefts have a particularly adverse effect on the well-being of Americans with the low level of education, primarily those who are related to racial and ethnic minorities. In general, it takes them about six months or more to notice that there is something wrong with their accounts. Meanwhile, the less is the time between the case of identity theft and the disclosure of this fact by the victim, the less is the damage. As a result, consumers who have not graduated from college (15% of the total number of victims) as well as those who belong to racial minorities (19% of the total number of victims) suffer greater losses than their better educated compatriots (Hoffman & McGinley, 2010).
The second group includes objective reasons associated with the applicable software and hardware tools. In particular, criminals may exploit critical bugs or weaknesses in the programs or use malicious software to acquire personal data of a victim. In this case, the most common method of acquiring personal data is spyware – a program that transfers data from the hard disk of the computer to another one. Such programs are usually accidentally loaded on the hard drive, for example, by opening a file attached to an e-mail message. In particular, spyware can record a sequence of keys when entering passwords, user names, credit cards, and security numbers (McNally, 2012). Another popular method of data theft that is associated with hardware tools is skimming. This method is based on embedding the devices for reading data at the opening of the ATM, where the bank card is inserted. Therefore, each time a client performs transaction or any other banking operation, the information about it is transferred to the criminals. It should be noted that skimming can also be used in shops and restaurants to retrieve data from the bank cards of the visitors. Finally, the same objective can be achieved by the installation of malware directly into ATM. However, it should be noted that such methods can only be used by those who have physical access to the ATM, because these devices work in closed networks. Thus, the installation of a malicious device or software requires the participation of an employee of a financial institution or an error in the password management. As a result, the white collars often become participants of such crimes by providing the criminals with physical access to the ATM or committing it by themselves (Benson & Simpson, 2009).
Solutions to this issue include software and password protection as well as the general awareness. The basis of such protection is the use of secure software and its timely update. An incoming e-mail must be checked with antivirus software, and the virus database must be constantly updated. The firewall must be configured to prevent the penetration of intruders in the network or computer. The passwords for protection of the accounts must be strong, combining uppercase and lowercase letters with symbols. Moreover, it is also better to avoid using a bank card in the remote or standalone terminals, shops and restaurants as the risk of becoming a victim of identity theft is especially high there (Weisman, 2014).
Finally, it should be noted that the problem of identity theft affects not only individuals but also financial institutions, such as banks. In particular, they suffer losses from the actions of fraudsters who use stolen personal information to create a so-called multiplied personality. In such cases, criminals use various parts of personal information stolen from different individuals to create a synthetic bank customer who does not really exist. For example, they may combine a social security number stolen from one person, with the address of the place of work or a driver's license number stolen from another one. As a result, a real-life person, whose private data was stolen, cannot determine that his bank accounts or credit cards have become a subject of fraud. Similarly, banks or other credit card companies cannot quickly identify such synthetic personalities and prevent large-scale losses from fraud. According to security experts, up to half of cases of identification fraud in the United States is performed by creating the non-existent in reality, which is synthetic to a customer (Hoffman & McGinley, 2010).
The solution for this problem is the use of special software that can "calculate" identity fraud through the analysis of financial transactions of clients. However, the effectiveness of such software can be low due to the fact that identity fraud is often perpetrated not by individuals, but the entire criminal groups. Therefore, the determination of fraudulent acts on the basis of analysis of financial transactions can be used only when there is credible information about the number of customer accounts from different banks with the same place of residence, social security number, place of work and the other similar characteristics of consumer behavior (Morgan & Boardman, 2012).
Due to the rapid development of informational technologies, the problem of identity theft has risen to a nationwide scale in the U.S. The personal information may be stolen in a variety of ways. However, all technical measures aimed at the prevention of such events will be inefficient unless awareness and responsibility of the members of society in the field of protection of their interests remains on the same level. As it was mentioned before, the cause of the majority of such crimes is negligence and irresponsible attitude towards personal security. Therefore, in order to reduce the crime level and avoid becoming a victim of identity theft, it is imperative to carefully check any received information and exercise utmost caution in case there is a need to transfer personal data to anyone else. By being equipped with the abovementioned technical solutions, these measures will allow reducing the number of data theft incidents as well as the frequency of their occurrence to average citizens.