Friday, September 27, 2019

Understanding the dangers of identity theft and how a company or Essay

Understanding the dangers of identity theft and how a company or individual can be protected from it - Essay Example As advancement in technology made access to information easier, many unscrupulous people take advantage of their skills and steal sensitive information from companies and private persons online. According to the Identity Theft Resource Center, a non-profit organization based in the United States (www.idtheftcenter.org), in 2010, there were about 662 cases if information security breaches reported in the United States but the actual number may be higher since not many people and organizations report breaches on their information security system. People whose identity have been assumed by another can suffer tremendous loses. Note that once somebody steals another person’s identity, he or she may be able to access the bank accounts and other personal information of the victim (Abagnale, 2007). As it is, there is a big possibility that the victim may lose money and assets on the process. Aside from taking money and other assets from their victims, some identity thieves use the ide ntity of their victims to commit crimes (Cullen, 2007). For instance, an identity theft can sue the identity of his or her victim in fraudulent online transactions so when the fraud is reported to the police, the police go after the identity theft victim. As it is, it is very important that individuals and organizations understand the kind of risks that they are in and do something to protect themselves from identity thieves. II. Ways and Means Employed by Identity Thieves to Gain Access to Important Information There are a number of ways to commit identity theft but the most common are social engineering, phishing and hacking attempts. Social engineering is committed by exploiting human psychology to gain entry to databases, computer systems and even buildings with sophisticated security system (Hadnagy, 2010). Note that instead of attacking the software or system used by a company or individual, the identity theft uses mind tricks to retrieve sensitive information for the people i nside the building and the people who are running the databank or the system (Hadnagy, 2010). To get the information that he or she needs to gain access into the building or the database, the identity does a lot of research and identify the key persons who he or she will retrieve the needed information (Wilhelm, 2010). For instance, if the identity theft wants to gain access to a database, he or she may pose as a computer technician or IT support person and trick an employee in the IT division to divulge passwords and codes to gain access into the system. Although the basic principles of trickery used in social engineering may sound simple, the execution of the act requires careful planning and psychological manipulation skills (Mitnick, 2003; Allsopp, 2009). When planning its strategies to defraud his or her victim, the identity needs to gather all the necessary information to trick the victim. To do this, he or she may access the personal information of the person targeted using e xisting social networks such as facebook, linked in and others (Mitnick, 2003; Wilhelm, 2010). Note that a good number of users of these online networking sites tend to give out personal information such as e-mail addresses and even telephone numbers online which may them relatively easy preys for identity thieves (Wilhelm, 2010). From the information gathered from these social networking sites, the identity may now be able to psychologically manipulate the victim into giving him or her sensitive information. In most cases, the deception happens online or through the phone so the identity theft and his or her victims do not actually come face to face (Allsopp, 2009). Aside from social engineering, phishing is also commonly used by identity thieves to steal information from their victims. To steal information from their victims, identity theft pretends to be a reliable online entity such as a bank, a well known courier, website and the like (Abagnale, 2007).

No comments:

Post a Comment