Identity Theft

From Computing and Software Wiki

Revision as of 21:16, 7 December 2007 by Todica (Talk)
(diff) ← Older revision | Current revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Identity Theft - (also known as Identity Fraud) refers to crimes in which personal information is obtained without person’s and used by a criminal or an impostor to commit a fraud or a crime usually for the purpose of economic gain. Some information commonly used by the thieves is: social insurance number (SIN), driver's license, credit card or bank information, birth certificate, passport etc.

According to PhoneBusters there were 7778 reported identity theft complains in Canada for 2006 (which resulted in a $16,283,776.91 loss).



Identity theft is usually divided into two main types based on the uses of stolen information:

  • True Name Identity Theft : Refers to the situation in which stolen personal information is used to open new accounts or obtain services (criminal/thief adopts your identity).
  • Account Takeover Identity Theft : Refers to the situation in which stolen information is used to gain access to existing accounts (criminal/thief uses your personal information).

Identity Theft Resource Center (ITRC), a California based nonprofit organization working on prevention and understanding of identity theft, actually sub-divides identity theft into four different types or categories based on information provided by the victims. According to their annual victimization survey report, Identity Theft: The Aftermath 2006, ITRC uses the following four types:

  • Financial : includes both account takeover and creation of new account (this is statistically the most reported type).
  • Criminal : victim's name is provided to the law enforcement to avoid charges in thief/criminal's name.
  • Governmental : victim’s information used to obtain government benefits (employment, driver’s license, welfare, etc.).
  • Cloning : usually refers to the combination of other identity types or categories (because of this it is considered the most serious).

Obtaining information

Listed below are some common approaches by thieves/criminals in acquiring personal information:

  • Dumpster Diving: Thieves go through your garbage looking for bills and other documents containing personal information.
  • Skimming: Using fabricated devices thieves steal credit card and debit card information during payment.
  • Phishing: Thieves will pretend to be legal institutions or companies and send spam or pop-up messages to acquire personal information.
  • Address Change: A change of address is initiated by the thief in order to receive your mail for particular bills or documents which provide personal information.
  • Stealing: Thieves will steal wallets, purses, mail, personnel records or bribe employees who have access to personnel records.
  • Pretexting: Pretexters obtain someone’s personal information under false pretences and then sell it to thieves who later use it to commit crimes in your name.

Reduce the risk

Unfortunately identity theft cannot be entirely prevented but there are several steps which can be taken in order to minimize the risk of becoming a victim. Two most important aspects are to be aware of the risks present, regularly monitor your personal information and act quickly to prevent or reduce the damage.

Common signs

Some common signs associated with identity theft which may be worth investigating are:

  • Irregularities in financial statements : If bank statements, credit card statements, bills or other mail which is received on a regular basis is late or missing it may have been stolen, tampered with or the address may have been changed.
  • Calls from collection agencies and creditors: Any calls from financial institutions or collections about an existing account (which may have been taken over) or new accounts which you have not opened.
  • Unusual activity on your current bills or statements: Withdrawals or transfers from your account or other surcharges which look suspicious.

Good practice

Some good practice to reduce the risk of becoming a victim:

  • Be aware of the risks – risk associated with Internet, sharing sensitive information over the phone etc.
  • Monitor personal information on a regular basis – keep an eye for inconsistencies and act quickly.
  • Carry only the minimum identification required - do not carry important documents with you at all times.
  • Check your credit ratings – obtain a copy of your credit ratings at least once a year and look for anything unusual.
  • Properly dispose of personal information - shred any bills, statements or other documents containing your personal information.

These simple steps will make it much harder for the thief to obtain your personal information. Most of them are common sens, however peoples still neglect to do most of them.

What to do if it happens to us ?

Government of Ontario provides a five steps guideline procedure if we do become a victim of identity theft:

  • Step One – Contact the financial institution(s) which issued the goods or services to the thief in your name.
  • Step Two – Contact the national reporting agencies (Trans Union Canada & Equifax Canada) and obtain a copy of your credit report. . The option of placing a fraud alert on your file should also be discussed so creditors have to contact you before opening any new accounts in your name.
  • Step Three – Report the incident to the police and obtain a police report if possible (all the actions taken so far should be documented in the police report).
  • Step Four – Contact PhoneBusters and report the incident. PhoneBusters offer victime assistance and tips such as Identity Theft Statement Form which can be filled in and provided to financial institutions (the form contains most of the information financial institutions need to begin an investigation).
  • Step Five – In case of a government-issued document get it cancelled immediately by contacting the appropriate authorities.

See also

Anti-spam Systems and Techniques
Biometrics in Information Security
Biometric systems regarding security design principle
Electronic Voting Systems
Information security awareness
Operating Systems Security
Payment Card Industry Data Security Standard
Random Number Generators and Information Security
Security and Storage Mediums
Smart Card technology to prevent fraud
Social engineering
The Mitnick attack

External links


"Archive." Public Safety Canada. 17 Nov. 2007 <>.

"Canada Identity Theft and Fraud." Credit Report Canada. 28 Oct. 2007 <>.

"Consumer Protection Overview." Government of Ontario. 27 Oct. 2007 <>.

"Definitions." SearchSecurity.Com. 23 Nov. 2007 <,,sid14_gci801871,00.html>.

"Don'T Be the Next Victim." Identity Theft Info. 27 Nov. 2007 <>.

"Fact Sheet." Privacy Commissioner of Canada. 27 Nov. 2007 <>.

"Fight Back Against Identity Theft." Federal Trade Commission. 17 Nov. 2007 <>.

"Identity Theft." Consumer Measure Committee. 27 Nov. 2007 <>.

"Identity Theft." PhoneBusters. 27 Oct. 2007 <>.

"Main Page." Identity Theft Resource Center. 18 Nov. 2007 <>.

ITRC Staff, and Charles Nelson. Identity Theft:the Aftermath 2006. Identity Theft Resource Center (ITRC). 2006. 1-31. 18 Nov. 2007 <>.

--Todica 20:28, 2 December 2007 (EST)

Personal tools