End Term Paper

8/3/2019 End Term Paper

http://slidepdf.com/reader/full/end-term-paper 1/23

1

Introduction

Identity theft is a term used to refers to fraud. Identity theft involves someone

pretending to be someone else in order to steal money or get other benefits. Identity theft is

relatively new and is a misnomer. The person whose identity was stolen can suffer various

consequences when he or she is held responsible for the thieves action. Identity theft is a little

different from identity fraud, as identity fraud is the result of identity theft. Identity theft may be

used to facilitate crimes including illegal immigration, terrorism, and espionage. Identity theft

may also be in means of blackmail.

Determining the link between data breaches and identity theft is challenging, primarily because

identity theft victims often do not know how their personal information was obtained," and

identity theft is not always detectable by the individual victims, according to a report done for

the FTC. Identity fraud is often but not necessarily the consequence of identity theft. Someone

can steal or misappropriate personal information without then committing identity theft using the

information about every person, such as when a major data breach occurs.

Identity theft is a crime in which an imposter obtains key pieces of personal information, such as

Social Security or driver's license numbers, in order to impersonate someone else. The

information can be used to obtain credit, merchandise, and services in the name of the victim, or

to provide the thief with false credentials. In addition to running up debt, an imposter might

provide false identification to police, creating a criminal record or leaving outstanding arrest

warrants for the person whose identity has been stolen.

Identity theft is categorized in two ways: true name and account takeover. True name identity

theft means that the thief uses personal information to open new accounts. The thief might open

a new credit card account, establish cellular phone service, or open a new checking account in

order to obtain blank checks. Account takeover identity theft means the imposter uses personal

information to gain access to the person's existing accounts. Typically, the thief will change the

mailing address on an account and run up a huge bill before the person whose identity has been

stolen realizes there is a problem. The Internet has made it easier for an identity thief to use the

information they've stolen because transactions can be made without any personal interaction.



2

Although an identity thief might crack into a database to obtain personal information, experts say

it's more likely the thief would obtain information by using old-fashioned methods. Retrieving

personal paperwork and discarded mail from trash dumpsters (dumpster diving) is one of the

easiest ways for an identity thief to get information. Another popular method to get information

is shoulder surfing - the identity thief simply stands next to someone at a public office, such the

Bureau of Motor Vehicles, and watches as the person fills out personal information on a form.

Identity theft is sometimes referred to as "iJacking."

Obje ctiv e

The main objective of this paper is to know about .

y H ow the identites are stolen.

y P rotection measures for the identity theft.

y The legal response of different countries .

y Recovery of the identity theft .

Typ es Of Id entit y Th ef t

Sources such as the non-profit Identity Theft Resource Center sub-divide identity theft into five

categories:

y B usin ess/ comm ercial id entit y th ef t (using another's business name to obtain credit)

y C riminal id entit y th ef t (posing as another person when apprehended for a crime)

y F inancial id entit y th ef t (using another's identity to obtain credit, goods and services)

y Id entit y cloning (using another's information to assume his or her identity in daily life)

y M edical id entit y th ef t (using another's identity to obtain medical care or drugs)

Identity theft may be used to facilitate or fund other crimes including illegal immigration,

terrorism, and espionage. There are cases of identity cloning to attack payment systems,

including online credit card processing and medical insurance.Identity thieves occasionally



3

impersonate others for non-financial reasons²for instance, to receive praise or attention for the

victim's achievements.

Id entit y C loning and C onc ealm ent

In this situation, the identity thief impersonates someone else in order to conceal their own true

identity. Examples might be illegal immigrants, people hiding from creditors or other

individuals, or those who simply want to become "anonymous" for personal reasons. Unlike

identity theft used to obtain credit which usually comes to light when the debts mount,

concealment may continue indefinitely without being detected, particularly if the identity thief is

able to obtain false credentials in order to pass various authentication tests in everyday life.

C riminal Id entit y Th ef t

When a criminal fraudulently identifies himself to police as another individual at the point of

arrest, it is sometimes referred to as "Criminal Identity Theft." In some cases criminals have

previously obtained state-issued identity documents using credentials stolen from others, or have

simply presented fake ID. P rovided the subterfuge works, charges may be placed under the

victim's name, letting the criminal off the hook. Victims might only learn of such incidents by

chance, for example by receiving court summons, discovering their drivers licenses are

suspended when stopped for minor traffic violations, or through background checks performed

for employment purposes.

It can be difficult for the victim of a criminal identity theft to clear their record. The steps

required to clear the victim's incorrect criminal record depend on what jurisdiction the crime

occurred in and whether the true identity of the criminal can be determined. The victim might

need to locate the original arresting officers and prove their own identity by some reliable means

such as fingerprinting or DNA fingerprinting, and may need to go to a court hearing to be cleared

of the charges. Obtaining an expungement of court records may also be required. Authorities

might permanently maintain the victim's name as an alias for the criminal's true identity in their

criminal records databases. One problem that victims of criminal identity theft may encounter is

that various data aggregators might still have the incorrect criminal records in their databases

even after court and police records are corrected. Thus it is possible that a future background



4

check will return the incorrect criminal records. This is just one example of the kinds of impact

that may continue to affect the victims of identity theft for some months or even years after the

crime, aside from the psychological trauma that being 'cloned' typically engenders.

S ynt h etic Id entit y Th ef t

A variation of identity theft which has recently become more common is synthetic identity theft ,

in which identities are completely or partially fabricated. The most common technique involves

combining a real social security number with a name and birthdate other than the ones associated

with the number. Synthetic identity theft is more difficult to track as it doesn't show on either

person's credit report directly, but may appear as an entirely new file in the credit bureau or as a

subfile on one of the victim's credit reports. Synthetic identity theft primarily harms the creditors

who unwittingly grant the fraudsters credit. Individual victims can be affected if their names

become confused with the synthetic identities, or if negative information in their subfiles impacts

their credit ratings.

M edical Id entit y Th ef t

Medical identity theft occurs when someone uses a person's name and sometimes other parts of

their identity²such as insurance information²without the person's knowledge or consent to

obtain medical services or goods, or uses the person¶s identity information to make false claims

for medical services or goods. Medical identity theft frequently results in erroneous entries being

put into existing medical records, which may in turn lead to inappropriate and potentially life-

threatening decisions by medical staff.

H ere are some of the most common types of identity theft:

S h ould er S ur f ing - This is where the thief nuzzles up to you, sometimes holding a hidden video

camera (usually in a cell phone) and tries to tell what your account number and P IN Is while you

are performing a transaction at an ATM or on a telephone. This is why it is always a good idea to

keep an eye on who is around you when you are doing credit card transactions in public.

Shoulder surfing can even take place while you are in a store using a hand held debit device so it

is always a good idea to conceal the numeric pad as you punch your numbers in.



5

Sk imming - This type of fraud usually happens in a place where you are required to give an

employee your card (such as a restaurant.) The employee disappears with your card to process it

but also puts it through a bit of extra processing by using a device that can copy the encrypted

information on the black magnetic stripe in your card. This information is then replicated to

create a copy of your original credit card so charges can be rung up on it.

D um p ster D iving - With this type of identity theft the thief goes through your garbage to find

receipts from cash registers, financial statements, credit card statements and even black carbon

statements in order to find out your personal information and your credit card number.

Taking Advantage of Your Offers - In this kind of fraud a thief either steals a pre-approved

credit card offer from your mailbox or out of your garbage. They then apply for the card as if it

was you. This is why it is so important to shred or discard these materials if you happen to

receive them.

Th e F raudul ent Email - A very common way of obtaining passwords, account numbers, social

security numbers and other information is for the thief to send you an email under the guise of a

company that you trust. Very often they pose as your credit card company, bank or another

institution that you hold an account with. They will tell you that there has been "fraud" suspected

on your account and that they need you to confirm your account number. Sometimes they willask you to change your password (if they already have your account number. This is a great way

of getting your personal data. Some criminals even have advanced computer technology that can

obtain large amounts of personal data once you provide them with just one or two important bits

of information such as your social security number.

Yet another crime of this type is called phishing. This is where criminals posing as a credit

consolidation company make you an offer to obtain your credit report or fix your credit. In order

to this they of course need your financial information and some kind of fee. Once you pay the feethe company of course disappears.

With enough identifying information about an individual, a criminal can take over that

individual's identity and conduct all kinds of crimes. The crook can make false applications for

loans and credit cards and withdraw money from your accounts. Your stolen identity can also be



6

used for the fraudulent use of telephone calling cards. This can go on for months without the

victim's knowledge as often falsely obtained credit cards are sent to an address other than yours.

It is quite common for a victim of identity theft to have not idea this is going on until quite a bit

of damage has already been done to the person's reputation and credit.

H ow Id entiti es Ar e S tol en

Identity theft starts off as a misuse of your personally identifying information such as your name,

social security number, credit card numbers, or other financial account information. Skilledidentity thieves use a variety of methods to get a hold of your information.

y D um p ster D igging- Thief's can rummage through trash looking for bills or other paper

with you personal information on it.

y Sk imming- Identity thieves can steal credit/debit card numbers by using a special storage

device when processing your card.

y P h ish ing- They can pretend to be financial institutions or companies and send spam or

pop up messages to get you to reveal personal information.

y C h anging your addr ess - They can divert your billing statements to another location by

completing a change of address form.

y O ld F a sh ion S tealing- L ike common theft reputations they can steal wallets, purses, and

mail including bank and credit card statements, and new checks or tax information. They

can steal personal records, or bride employees who have access.

y P r etex ting- Identity thief's can use pretenses to obtain personal information from

financial institutions, telephone companies, and other sources.



7

R eason s F or Th e Id entit y Th ef t

There are several reasons why an unscrupulous individual would steal someone else's identity. It

would be worthwhile to know these so that a person can better protect himself from identity

thieves.

y One common reason for misrepresenting one's identification is to purchase items at the

expense of the other.

y The second most common reason for such theft is to apply for utility services -- such as

mobile phone, cable television, and landline phone, among others -- using another

person's name.

y Third reason for this type of theft is so that the offender may engage in criminal activity

without a high probability of being caught by police. If this is the case, the victim will be

the one held liable for criminal liabilities and face the consequences.

P rot ection F or Th e Id entit y Th ef t

Id entit y P rot ection B y Th e Individual :

The advancements in technology, are forced to look for new ways to manage our money in order

to protect our assets and ourselves. Unfortunately, there are a number of dishonest individuals

out there who strive to steal our personal information, and they are becoming increasingly

sophisticated in the methods that they use to rip us off. In order to adequately protect our

identities and our financial information, it is imperative that we follow these guidelines:

y S h r ed it! - If you have paper bank documents or other financial documents, rather than

simply throwing them away in the trash bin you should shred them into the smallest

pieces that you can. Online documents should be deleted so that no trace is left, as well.

(See my recommended online shredding program at the end of this article).

y Encr yp t f iles and loc k up docum ent s - Any important records that need to be kept

should be kept under lock and key, which means in a safe or lock box. Online documents



8

and vital information should be password protected or stored in encrypted files.

Windows allows you to create a password protected zip file for free. I also recommend

using Roboform, a password management software program that keeps your passwords

organized and protected.

y D on't k eep all o f your critical in f ormation in on e p lac e - You should never carry your

driver's license and social security card at the same time. If someone were to come by

both of these cards, your identity could be easily stolen.

y S ecur e your outgoing mail - When sending outgoing mail, you should use a secure

mailbox. The same goes for online correspondence. You do not want anyone reading

your mail that it was not intended for.

y K eep your p er sonal in f ormation p rivat e - You should never give out personal or vital

information over the phone or over the Internet, unless you are absolutely sure that you

are going through secure channels in the process.

y L ook f or " h tt p s" - While purchasing items online is traditionally secure, you should

always use caution to make sure that the businesses you deal with are legitimate. Always

make sure that "https" appears at the beginning of the UR L in the address bar before

entering your credit card information online. This means that the website is secure and

identity thieves will not be able to spy on you and steal your credit card number.

y S ign u p f or a servic e th at monitor s your p er sonal id entit y f or you - Especially if youhave your own business or use the Internet extensively, you may want to pay a service to

monitor your personal identity, giving you peace of mind in the process. Sophisticated

methods will be used to prevent identity theft from occurring using your personal

information, and you will be notified if any suspicious activity should happen to occur

on one of your accounts. These companies are outstanding for monitoring all of the

activity on your credit report, allowing you to prevent identity theft from occurring and

ruining your life.

We spend so much of our lives building up our incomes and credit history. Because so much

energy goes into these things, it is imperative that we work hard to protect ourselves. It¶s

important that we continue to take certain steps against the act of identity theft. The steps

provided above make for a great jumping off point for keeping personal information secure, and



9

ensuring that nobody can take advantage of our hard earned money or credit history for their own

personal gain. Your vital information is extremely valuable, so keep it close and do not share it

unless it is safe and necessary to do so. When in doubt, 'trust but verify' are good words to live

by.

Id entit y p rot ection b y organization s:

In the May 1998 testimony before the United States Senate, the Federal Trade Commission

(FTC) discussed the sale of Social Security numbers and other personal identifiers by credit-

raters and data miners. The FTC agreed to the industry's self-regulating principles restricting

access to information on credit reports. According to the industry, the restrictions vary according

to the category of customer. Credit reporting agencies gather and disclose personal and credit

information to a wide business client base.

P oor stewardship of personal data by organizations, resulting in unauthorized access to sensitive

data, can expose individuals to the risk of identity theft. The P rivacy Rights Clearinghouse has

documented over 900 individual data breaches by US companies and government agencies since

January 2005, which together have involved over 200 million total records containing sensitive

personal information, many containing social security numbers. P oor corporate diligence

standards which can result in data breaches include:

y Failure to shred confidential information before throwing it into dumpsters

y Failure to ensure adequate network security

y The theft of laptop computers or portable media being carried off-site containing vast

amounts of personal information. The use of strong encryption on these devices can

reduce the chance of data being misused should a criminal obtain them.

y The brokerage of personal information to other businesses without ensuring that the

purchaser maintains adequate security controlsy Failure of governments, when registering sole proprietorships, partnerships, and

corporations, to determine if the officers listed in the Articles of Incorporation are who

they say they are. This potentially allows criminals access to personal information

through credit-rating and data mining services.



10

The failure of corporate or government organizations to protect consumer privacy, client

confidentiality and political privacy has been criticized for facilitating the acquisition of personal

identifiers by criminals.

Using various types of biometric information, such as fingerprints, for identification and

authentication has been cited as a way to thwart identity thieves, however there are technological

limitations and privacy concerns associated with these methods as well.

T ip s R egarding Th e P r evention F rom C r edit C ard Th ef t:

There are easy steps you can take to prevent credit card theft.

There are people who are probably conman out to call and trick you by asserting you have won a

trip and all you must do is give them a Visa card number to reserve your spot or that folks will

go through your rubbish to get bills or a Credit card invoice with your ATM card number.

With all the possibilities to rob your identity you must ensure that you do all that you can to

guard yourself, your identity and credit.

y Always sign on the backs of your credit cards right away on receiving them. This little

act may be insignificant but it can save you much trouble later on.

y P ut your credit card in another place aside from your wallet, perhaps a zipper in your

purse or a money clip in your pocket. That way if your wallet gets thieved, the person

won't have access to your credit card info.

y K eep your invoices for a comparison with your credit card statement. If something isn't

correct, you should contact the issuer right away.

y Rip up or shred all bills that would have any private info on them. A couple of things that

you must NOT DO to help protect your identity. One. Don't give out any private info to

anyone, this is including Credit card info, social security numbers, passwords or any kind

of account number.



11

y Don't lend your Visa card to any person. Don't keep any of your account numbers, visa

cards or any sorts of receipts scattered around anywhere. Never give private info out over

the telephone, the majority of these telephone calls are con's and will just use the info that

you give them.

y Don't take your eyes off a person running your ATM card info, there were cases where

assistants have anonymously published doubles of a people info and kept a copy for

themselves. One of the most vital things that you can do is to guard your identity

S om e T ip s T o P rot ect Id entit y Th ef t :

It's shocking to know that almost 10 million people in America get scammed every year with this

kind of actions, leaving huge losses of billions of dollars. Find bellow some tips to avoid getting

scammed:

1. Th e dang er s of D eb it C ard s: This type of card has more liability than credit cards. Credit

cards don't represent as much personal liability than debit cards. Debit cards' responsibilities

depend on the time it takes you to report you lost your card. You have 60 days after you receive

your account statements to fill a report for unauthorized use of your card. If you don't do it on

that time, you would lose the entire amount of money held at the account and even more, the

bank could make you pay for the money spent from your available credit.

2. G et Awa y F rom C h eck s: Nowadays you can have your checks printed on any motive you

like making them attractive to the user but the reality is that a check carries a lot of your personal

information on it. When you write a check you will be handling to a total stranger your bank

account number, your signature, your address, and license number. As this wasn't bad enough,

federal laws don't limit your personal liability on the checks that someone may falsify. Anyfinancial expert will advise you start automating the payment of your bills.

3. P rot ect your M ail box: A lot of information goes into your mailbox every day. P eople trying

to steal your identity can find your bank statements, your personal bills, pre-approved credit

cards, etc. You could lock with key your mailbox as a solution to this problem.



1 2

4 . S av e all t h e in f ormation f or an em erg enc y: H aving a backup of all the information

regarding your credit cards, date of expiration, emergency numbers, name of issuing bank, is a

good procedure. P ut all this information on a box and even add copies of your driving license,

your social security card, your passport. Be sure to lock the place where you will be saving this

or find some other secure place such as a safe deposit box in a bank.

Maybe all this could be seen as too much work for nothing, but when you become a victim on

this kind of felony, you'll understand that the effort is worth it. Don't forget that if it wasn't for

what you carry in your wallet or your purse, you couldn't tell who you really are.

R egional l egal r esp on ses

Au stralia

In Australia, each state has enacted laws that dealt with different aspects of identity or fraud

issues. Some States have now amended relevant criminal laws to reflect crimes of identity theft,

such as the Criminal L aw Consolidation Act 1935 (SA), Crimes Amendment (Fraud, Identity

and Forgery Offences) Act 2009 and also in Queensland under the Criminal Code 1899 (Q L D).

Other States and Territories are in states of development in respect of regulatory frameworks

relating to identity theft such as Western Australia in respect of Criminal Code Amendment

(Identity Crime) Bill 2009.

On the Commonwealth level, under the Cr iminal Co de Amendment (Theft, F r aud, B r ibe r y &

Related Offences) Act 2000 which amended certain provisions within the Cr iminal Co de Act

1995 ,

A person is guilty of an offence if: a) the person does anything with the intention of

dishonestly cau sing a lo ss to anot h er p er son ; and b) the other person is a Commonwealth

entity. P enalty: Im p ri sonm ent f or 5 year s.



1 3

L ikewise, each state has enacted their own privacy laws to prevent misuse of personal

information and data. The Commonwealth P r ivacy Act is applicable only to Commonwealth and

territory agencies, and to certain private sector bodies (where for example they deal with

sensitive records, such as medical records, or they have more than $3 million turnover P A).

C anada

Und er section 402 .2 o f th e Criminal Code of Canada,

Everyone commits an offence who knowingly obtains or possesses another person¶s

identity information in circumstances giving rise to a reasonable inference that the

information is intended to be used to commit an indictable offence that includes fraud,

deceit or falsehood as an element of the offence is guilty of an indictable offence and

liable to imprisonment for a term of not more than five years; or is guilty of an offence

punishable on summary conviction.

Und er section 403 o f th e Criminal Code of Canada,

(1) Everyone commits an offence who fraudulently personates another person, living or

dead,

(a) with intent to gain advantage for themselves or another person; (b) with intent to

obtain any property or an interest in any property; (c) with intent to cause disadvantage to

the person being personated or another person; or (d) with intent to avoid arrest or

prosecution or to obstruct, pervert or defeat the course of justice. is guilty of an indictable

offence and liable to imprisonment for a term of not more than 10 years; or guilty of an

offence punishable on summary conviction.

In Canada, P r ivacy Act (federal legislation) covers only federal government, agencies and crown

corporations. Each province and territory has its own privacy law and privacy commissioners to

limit the storage and use of personal data. For the private sector, the purpose of the P ersonal

Information P rotection and Electronic Documents Act ( 2000, c. 5 ) (known as P IP EDA) is to

establish rules to govern the collection, use and disclosure of personal information; except for the



1 4

provinces of Quebec, Ontario, Alberta and British Columbia were provincial laws have been

deemed substantially similar.

F ranc e

In France, a person convicted of identity theft can be sentenced up to five years in prison and

fined up to ¼75,000.

H ong K ong

Under HK L aws. Chap 210 Theft O r dinance , sec. 16A Fraud

(1) If any person by any deceit (whether or not the deceit is the sole or main inducement)and with int ent to d ef raud induces another person to commit an act or make an omission,

which results either-

(a) In be nef it to an y p er son other than the second-mentioned person; or (b) in prejudice

or a substantial risk of prejudice to any person other than the first-mentioned person, the

first-mentioned person commits the offense of fraud and is liable on conviction upon

indictment to im p ri sonm ent f or 14 year s.

Under the P er so nal Data ( P r ivacy) O r dinance , it established the post of P rivacy Commissioner

for P ersonal Data and mandate how much personal information one can collect, retain and

destruction. This legislation also provides citizens the right to request information held by

businesses and government to the extent provided by this law.

India

Under the Information Technology Act 2000 Chapter IX Sec 4 3 (b)

If any person without permission of the owner or any other person who is incharge of a

computer, computer system or computer network,



1 5

(b) downloads, copies or extracts any data, computer data base or information from such

computer, computer system or computer network including information or data held or

stored in any removable storage medium;

he shall be liable to pay damages by way of compensation not exceeding one crore rupees

to the person so affected.

S wed en

Sweden have had relatively little problems with identity theft. This is because only Swedish

identity documents have been accepted for identity verification. Stolen documents are traceable

by banks and some other institutions. The banks have the duty to check the identity of people

withdrawing money or getting loans. If a bank gives money to someone using an identity

document reported as stolen, the bank must take the loss. From 2008 any EU passport are valid

in Sweden for identity check, and Swedish passports are valid all over the EU. This makes it

more hard to detect stolen documents, but still banks in Sweden must ensure that stolen

documents are not accepted.

Other types of identity theft than over the bank desk have become more common in Sweden.

One common example is ordering a credit card to someone who has an unlocked letterbox and isnot home on daytime. The thief steals the letter with the credit card and then the letter with the

code which typically arrives a few days later.

L egally, Sweden is an open society. The P rinciple of P ublic Access says that all information kept

by public authorities must be available for anyone except in certain cases. Specificially anyone's

address, income, taxes etc are available to anyone. This makes fraud easier (the address is

protected for certain people needing it).

To impersonate someone else and gain money from it is a kind of fraud, which is descibed in the

Criminal Code (Swedish:Brottsbalken).



1 6

Unit ed K ingdom

In the United K ingdom personal data is protected by the Data P rotection Act 1998. The Act

covers all personal data which an organization may hold, including names, birthday and

anniversary dates, addresses, telephone numbers, etc.

Under English law (which extends to Wales but not necessarily to Northern Ireland or Scotland),

the deception offences under the Theft Act 1968 increasingly contend with identity theft

situations. In R v Sewa r d (2005) EWCA Crim 19 4 1 the defendant was acting as the "front man"

in the use of stolen credit cards and other documents to obtain goods. H e obtained goods to the

value of £10,000 for others who are unlikely ever to be identified. The Court of Appeal

considered sentencing policy for deception offenses involving "identity theft" and concluded that

a prison sentence was required. H enriques J. said at para 1 4 :"Identity fraud is a particularly

pernicious and prevalent form of dishonesty calling for, in our judgment, deterrent sentences."

Increasingly, organizations, including Government bodies will be forced to take steps to better

protect their users' data.

Stats released by CIFAS on the 2nd of February 2010, show that in 2009 in the U K that there

were 85,000 victims of impersonation and 2 4 ,000 victims of bank account takeovers. this

represents a 35% and 15% increase respectively from 2008 levels.

Unit ed S tat es

The increase in crimes of identity theft lead to the drafting of the Identity Theft and Assumption

Deterrence Act. In 1998, The Federal Trade Commission appeared before the United States

Senate. The FTC discussed crimes which exploit consumer credit to commit loan fraud,

mortgage fraud, lines-of-credit fraud, credit card fraud, commodities and services frauds. The

Identity Theft Deterrence Act (2003)[ITADA] amended U.S. Code Title 18, § 1028 ("Fraud

related to activity in connection with identification documents, authentication features, and

information"). The statute now makes the possession of any "means of identification" to

"knowingly transfer, possess, or use without lawful authority" a federal crime, alongside

unlawful possession of identification documents. H owever, for federal jurisdiction to prosecute,



1 7

the crime must include an "identification document" that either: (a) is purportedly issued by the

United States, (b) is used or intended to defraud the United States, (c) is sent through the mail, or

(d) is used in a manner that affects interstate or foreign commerce. See 18 U.S.C. § 1028(c).

P unishment can be up to 5, 15, 20, or 30 years in federal prison, plus fines, depending on the

underlying crime per 18 U.S.C. § 1028(b). In addition, punishments for the unlawful use of a

"means of identification" were strengthened in § 1028A ("Aggravated Identity Theft"), allowing

for a consecutive sentence under specific enumerated felony violations as defined in §

1028A(c)(1) through (11).

The Act also provides the Federal Trade Commission with authority to track the number of

incidents and the dollar value of losses. Their figures relate mainly to consumer financial crimes

and not the broader range of all identification-based crimes.

If charges are brought by state or local law enforcement agencies, different penalties apply

depending on the state.

Six Federal agencies conducted a joint task force to increase the ability to detect identity theft.

Their joint recommendation on "red flag" guidelines is a set of requirements on financial

institutions and other entities which furnish credit data to credit reporting services to develop

written plans for detecting identity theft. The FTC has determined that most medical practicesare considered creditors and are subject to requirements to develop a plan to prevent and respond

to patient identity theft. I These plans must be adopted by each organization's Board of Directors

and monitored by senior executives.

Identity theft complaints as a percentage of all fraud complaints decreased from 200 4 -2006. [30]

The Federal Trade Commission reported that fraud complaints in general were growing faster

than ID theft complaints. The findings were similar in two other FTC studies done in 2003 and

2005. In 2003, 4 .6 percent of the US population said they were a victim of ID theft. In 2005, thatnumber had dropped to 3.7 percent of the population. The Commission's 2003 estimate was that

identity theft accounted for some $52.6 billion of losses in the preceding year alone and affected

more than 9.91 million Americans; the figure comprises $ 4 7.6 billion lost by businesses and $5

billion lost by consumers.



1 8

According to the Federal Trade Commission (FTC), a report released in 2007 revealed that 8.3

million American adults, or 3.7 percent of all American adults, were victims of identity theft in

2005.

The latest report from the FTC showed that ID theft increased by 21% in 2008. H owever, credit

card fraud, that crime which is most closely associated with the crime of ID theft, has been

declining as a percentage of all ID theft. In 2002, 4 1% of all ID theft complaints involved a

credit card. That percentage has dropped to 21% in 2008.

Two states, California and Wisconsin have created an Office of P rivacy P rotection to assist their

citizens in avoiding and recovering from identity theft.

In Massachusetts in 2009-2010, Governor Deval P atrick made a commitment to balanceconsumer protection with the needs of small business owners. H is Office of Consumer Affairs

and Business Regulation announced certain adjustments to Massachusetts' identity theft

regulations that maintain protections and also allows flexibility in compliance. These updated

regulations went into effect on March 1, 2010. The regulations are clear that their approach to

data security is a risk-based approach important to small businesses and might not handle a lot of

personal information about customers.

S p r ead And Im p act

Surveys in the USA from 2003 to 2006 showed a decrease in the total number of victims and a

decrease in the total value of identity fraud from US$ 4 7.6 billion in 2003 to $15.6 billion in

2006. The average fraud per person decreased from $ 4 ,789 in 2003 to $1,882 in 2006.

The 2003 survey from the Identity Theft Resource Center found that:

y Only 15% of victims find out about the theft through proactive action taken by a businessy The average time spent by victims resolving the problem is about 330 hours

y 73% of respondents indicated the crime involved the thief acquiring a credit card

In a widely publicized account, Michelle Brown, a victim of identity fraud, testified before a

U.S. Senate Committee H earing on Identity Theft. Ms. Brown testified that: "over a year and a



1 9

half from January 1998 through July 1999, one individual impersonated me to procure over

$50,000 in goods and services. Not only did she damage my credit, but she escalated her crimes

to a level that I never truly expected: she engaged in drug trafficking. The crime resulted in my

erroneous arrest record, a warrant out for my arrest, and eventually, a prison record when she

was booked under my name as an inmate in the Chicago Federal P rison."

In Australia, identity theft was estimated to be worth between AUS$1billion and AUS$ 4 billion

per annum in 2001.

In the United K ingdom the H ome Office reported that identity fraud costs the U K economy £1.2

billion annually (experts believe that the real figure could be much higher) although privacy

groups object to the validity of these numbers, arguing that they are being used by the

government to push for introduction of national ID cards. Confusion over exactly what

constitutes identity theft has led to claims that statistics may be exaggerated.

F amou s Id entit y Th ieves

F ran k Ab agnal e

Frank William Abagnale, Jr . (born April 27, 19 4 8) is an American security consultant best

known for his history as a former confidence trickster, cheque forger, skilled impostor, and

escape artist. H e became notorious in the 1960s for successfully passing US$2.5 million worth of

meticulously forged checks across 26 countries over the course of five years, beginning when he

was 16 years old. In the process, he claimed to have assumed no fewer than eight separate

identities, successfully impersonated an airline pilot, a doctor, a Bureau of P risons agent, and a

lawyer. H e escaped from police custody twice (once from a taxiing airliner and once from a US

federal penitentiary), all before he was 21 years old.

Abagnale's first confidence trick was writing personal checks on his own overdrawn account.

This, however, would only work for a limited time before the bank demanded payment, so he

moved on to opening other accounts in different banks, eventually creating new identities to

sustain this charade. Over time, he experimented and developed different ways of defrauding



2 0

banks, such as printing out his own almost-perfect copies of checks, depositing them and

persuading banks to advance him cash on the basis of money in his accounts.

M ich ael S ab o

Michael Sabo (born in 19 4 5) is a security fraud consultant and speaker. Sabo is best known for

his history as a check, stocks and bonds forger, a well known impostor and as an escaped

fugitive from federal custody. H e became notorious in the 1960s and throughout the 1990s for

successfully forging bank and government checks, as well as the forgery of stock and bond

certificates. Sabo also obtained gold coins fraudulently and stole over 5 million dollars

throughout his crime spree. The FBI and Interpol have listed over 100 fake identities that Saboused throughout his career. Sabo impersonated airline pilots with six different carriers, medical

doctors, P h.Ds, loan officers, IRS agent, [1] and once hired 300 people for a one day computer

scam in P hoenix. H e has also been hired as a deputy sheriff just six weeks after escaping from a

federal prison, and once was hired as a federal prison guard while on the run from the FBI.

Sabo's life story was considered by Steven Spielberg, but wasn't used because Sabo was on the

run. Sabo was featured on a national TV program of Unsolved Mysteries.

Sabo has been convicted of bank fraud, forgery of stocks and bonds, grand larceny, and identity

theft, both in federal and state courts. [2] Sabo was an executive for some blue chip companies

making-up payroll checks, and scamming most of the major hotel chains from both sides of the

reception desk.

Sabo served a total of 12 years both in federal and state prison.

Currently Sabo is working on a book about his life, and identity theft and fraud. It is due to be published in late 2010.



2 1

Albe rt Gonzal ez

Albert Gonzalez (born 1981) is a computer hacker and computer criminal who is accused of

masterminding the combined credit card theft and subsequent reselling of more than 170 million

card and ATM numbers from 2005 through 2007²the biggest such fraud in history.

Gonzalez and his accomplices used SQ L injection techniques to create malware backdoors on

several corporate systems in order to launch packet sniffing (specifically, AR P Spoofing) attacks

which allowed him to steal computer data from internal corporate networks.

During his spree he was said to have to thrown himself a $75,000 birthday party and complained

about having to count $3 4 0,000 by hand after his currency-counting machine broke. Gonzalez

stayed at lavish hotels but his formal homes were modest.

Gonzalez had three federal indictments:

y May 2008 in New York for the Dave & Busters case (trial schedule September 2009)

y May 2008 in Massachusetts for the TJ Maxx case (trial scheduled early 2010)

y August 2009 in New Jersey in connection with the H eartland P ayment case.

On March 25, 2010, Gonzalez was sentenced to 20 years in federal prison.

H ow T o R ecov er F rom Id entit y Th ef t

The below steps could assist you retrieve control of the identity theft.

In stantl y a f ter f inding t h e Id entit y wa s sn eak ed

Finding the identity was sneaked is generally disgraceful. They are such a impact not simply

because it is been sneaked, however likewise as the harm has already done. Typically you



22

discover while you obtain the tax bill, get the mortgage or credit application refused, or while

you are caught for unknown thing that you did not do.

One solution to regaining right from identity stealing promptly is to act rapidly. Reporting an

identity theft to the best authorities is important.

S ubseq uentl y a f ter t h e f ir st Id entit y stealing r ep ort

L ater you charge identity stealing charges with the Federal Trade Commission and the localized

police enforcement authorities, what to do next? It's difficult to recognize how to carry on. Your

maiden replete is to defend troubles as it rise up. H owever there is a best method.

Rather than waiting to discover what fields of the life will be strange-struck by identity stealing,you could get down riding herd on the credit reports and handling any fiscal hurts that have

finished. Since almost identity stealing are really determined because of the fiscal hurt that is

finished, this is the really crucial way in your retrieval.

R ealiz e th e rig h ts as th e victim o f id entit y th ef t

Even while you are going rapidly and managing everything in the right way, you will face-off

barriers en route to retrieving the identity. Few of those barriers could be cleared up if yourealize your rights as the purchaser.

D o not be com e se lf -sati sf ied w h en t h e id entit y is am end ed

One fault that victims of identity stealing do is presuming that when they've cleaned the harm

made by identity stealing, it's all over. Not right. As a matter of fact, it is not all that unusual for

identity stealers to strike one and the same victims again and again.

One person in L one-Star State (Texas) was repeatedly terrified by identity stealing for about ten

yrs. Each time she made clean her credit, the stealer that sneaked her identity earlier would make

mayhem for her once more. To forbid stealers from running into repeatedly, you want to remain

perpetually monitor the free credit report or defend the identity with identity theft protection and

be open-eyed against subsequent identity stealing attacks.



23

C onclu sion

We have conquered not only what identity theft is and how it occurs but also, how you can have

a hand in preventing it and knowing what to do when or if it does affect you. Identity theft is

one of the most insidious forms of white-collar crime. Moreover, identity theft is not a crime

committed for its own sake.The Federal Department of Justice regard identity theft as a serious

crime problem that requires a comprehensive and coordinated approach.You CAN protect

yourself by taking the steps outlined in this book.Above all, be proactive when it comes to your

information. If you take steps to protect yourself right now, you won¶t have to worry. The sad

reality remains however that no matter how many precautions you take it is never possible to befully immune to identity thieves.