Professional Documents
Culture Documents
Identity Theft Final Paper
Identity Theft Final Paper
Identity Theft Final Paper
ACT-520-A
4/26/18
anywhere in the world, the increasing risk of fraud is something that people have to start taking
into consideration. Given that almost any person on earth can log onto a computer, implant a
virus on another person’s device through an email, and take sensitive information essential for
financial activities, the likelihood of someone being a victim to any type of fraudulent crime
increases exponentially. Among those white collar crimes that have seen a rise in activity over
recent years, identity theft looks as though it is the most popular. Unlike traditional theft, this
is a nonviolent crime which really requires little effort to pull off. Going into a neighbor’s
garbage can could easily provide the necessary documents to go take out a new mortgage on a
new home. If the criminal did want to get his or her hand’s dirty, just pick up a phone call
pretending to be an agent from the IRS. Jot down a few numbers on a notepad and the path to
potentially ruining another person’s financial existence is well on its way. Preventing and
stopping identity theft is almost impossible as it is as though the people with the leg up are
those committing the crime. However, understanding the crime itself, along with
precautionary measures is an essential step in making sure that the negative impact is at least
less severe.
Identity theft has become a serious issue for individuals and businesses. According to
Javelin Research’s 2016 Identity Theft Study, $15 billion was stolen from 13.1 million individuals
in 2015 (Kess, Grimaldi, & Revels 67). There are two major phases of combating identity theft:
prevention and recovery. Prevention is the focus of minimizing exposure. On the other hand,
recovery helps minimize the pain in terms of time and money. Identity theft and related
fraudulent activities affect approximately one in twenty-five adults each year across western
societies (Anderson, “Identity Theft Growing”). The Internet provides a new avenue for
obtaining identity tokens. Multiple programs, hacks, and deceptive techniques can be used to
access an individual’s personal information and increases the scale on which identity theft can
be perpetrated.
Over the years, identity theft, and fraud in general, is seemingly surpassing traditional
theft. According to author J. Craig Anderson, “identity theft is expected to surpass traditional
theft as the leading form of property crime. Security analysts say everyone should prepare to
become a victim at some point” (Anderson, “Identity Theft Growing”). The number of malicious
programs written to steal personal information has increased significantly to an estimated 130
million from about 1 million in 2007 (Anderson, “Identity Theft Growing”). Perpetrators have
learned that in order to be successful in their scams they need to expand the horizons. Hacking
larger companies and taking personal information from a wide pool of customers virtually
guarantees success on at least one occasion. When the fraud occurs, companies incur losses
such as legal costs and consulting fees. Ultimately, when the companies pay, the consumers
pay as well; in the form of higher retail costs or credit card fees. Unless the insurance policy
covers a vast majority of the losses, in most instances that is not the case, “most merchants are
content to clean up the damage from an attack, rather than pay for better preventive
Identity theft and identity fraud are “terms used to refer to all types of crime in which
someone wrongfully obtains and uses another person's personal data in some way that involves
fraud or deception, typically for economic gain” (“Fraud Section, FRD”). One of the most
common ways that identity theft occurs is through “shoulder surfing”. This entails watching the
victim from a nearby place as they are providing credit card information over the phone
(Roberts, Indermaur, & Spiranovic 318). Most people receive pre-approved credit card
applications in the mail that get thrown in the trash without tearing it up. Fraud perpetrators
may retrieve the document and activate the card for their own use without the victim’s
personal data which includes social security numbers, place of residence, amount of income,
date of birth, and much more highly sensitive information (Roberts, Indermaur, & Spiranovic
318). With this material, fraudsters can commit crimes such as false applications on loans and
credit cards, fraudulent withdrawals from bank accounts, and unauthentic use of online
accounts.
Identity theft is especially prevalent in Arizona, which had more victims per capita than
any other state in 2010, with about 149 victims for every 100,000 residents (Anderson,
“Identity Theft Growing”). According to the Federal Trade Commission, identity theft also
occurs frequently in California, Florida, Texas and Nevada. (“Fraud Section, FRD”). Once a
stolen identity is used to apply for additional lines of credit, the victim can spend years trying to
resolve debt that is caused by thieves in their names. For an identity theft victim who needs to
borrow money, it can be a huge struggle because of their damaged credit scores. Others have
A red flag is raised once an individual receives a letter stating that their personal data
was compromised in a corporate data breach (Kess, Grimaldi, & Revels 66). At that point, one
should become very vigilant about the situation. Based on an annual report provided by Javelin
Strategy & Research, the percentage of incident related to identity theft keeps on increasing
from year to year and some of the contributing factors to this increase are “new account” and
“account takeover” frauds (Anderson “Identity Theft Growing”). New account fraud means that
either an authorized credit card account or an entirely new bank account has been opened via
appropriate means. Account takeover fraud is when perpetrators have changed the victims’
contact information, such as a mailing address, in order to transfer money into their own
pockets so to speak. Data breaches that involve social security numbers are the most harmful
since new accounts can be easily opened and old accounts can be authenticated. Once another
individual has access to a person’s social security number, it is potentially catastrophic for the
victim as most financial endeavors can be started with just knowing that form of identification.
When a person receives a letter warning that their personal data was breached, it is
important to follow the appropriate steps. First, contact the company to make sure the letter
that was received is legitimate (“Fraud Section, FRD”). When validated, proactive steps should
be taken to ensure the damage is as minimal as possible. If the company reporting the breach
offers free credit monitoring, the consumer should take advantage of it (“Fraud Section, FDR”).
Other times, individuals who are victims of identity theft, will not be aware. Some of the
warning signs include receiving credit cards for which one did not apply, being denied of credit
for no apparent reason, or receiving calls from debt collectors about merchandise or services
one did not purchase (“Fraud Section, FDR”). Therefore, it is important to monitor balances of
financial accounts and look for unexplained charges or withdrawals. It is also important to
Unfortunately, many people do not even realize that they are victims of theft until the
damage is permanently done. Once the individual realizes they have been victimized, the first
step to take is to obtain a copy of the credit report from at least one of the three nationwide
credit bureaus (Carrns et al., “Your Money”). People should contact the credit bureaus by
phone but follow up the request in writing. A fraud alert is posted on the credit report which
initially lasts 90 days. After the 90 days, an extension is available and requires a copy of an I.D.
theft report to law enforcement (Carrns et al., “Your Money”). The fraud alert notifies lenders
to be more aware when reviewing credit. Individuals can request reports periodically from
Equifax, Experian, and Trans Union agencies to maximize their coverage. People should
thoroughly review their credit report so they can look for new unauthorized accounts, or
unexplained debts and inquiries. After the review is complete, disputed charges need to be
communicated to the reporting agency through a written letter. The letter should request the
agencies to correct the disputed charges (Carrns et al., “Your Money”). It is important to close
or renumber all business/creditors accounts by asking the issuer to promptly clear credit
records, then follow-up this request in writing (Carrns et al., “Your Money”). Speak directly
with the security or fraud department, not a customer service representative. In order to avoid
the liability of these false charges, one needs to communicate with creditors within 30-60 days.
Consider a credit freeze which requires a written request to credit reporting agencies. Placing a
freeze on the credit report prevents the fraudulent opening of new accounts without the
consumer’s consent.
The next step to take is to report the crime to the Federal Trade Commission & Local
Law Enforcement (Carrns et al., “Your Money”). Making an online report to the Federal Trade
Commission and completing an ID Theft Affidavit are necessary processes people must take.
FTC is a resource for I.D. theft recovery, protection, and fraud. Local police should be
If the credit reporting company accepts the identity theft report, it must block the
fraudulent information from the credit report within 4 business days (Carrns et al., “Your
Money”). If the credit reporting agency rejects the identity theft report, it can then take
additional days since the victim will be asked to provide additional proof of the identity theft.
Once the identity is stolen it is imperative to repair the damage caused by the perpetrator. On
average it takes 18 months to two years to clear credit, according the Department of Justice
(“Fraud Section, FDR”). An impostor can use personal information to obtain credit,
employment, social security, medical services, IRS refunds or even avoid criminal arrest or
action.
The Department of Justice prosecutes cases of identity theft and fraud under various
federal statutes. In 1998, Congress passed the Identity Theft and Assumption Deterrence Act
(“Fraud Section, FDR”). This legislation created a new offense of identity theft, which prohibits
another person with the intent to commit, or to aid or abet, any unlawful activity that
constitutes a violation of Federal law, or that constitutes a felony under any applicable State or
local law." 18 U.S.C. § 1028(a) (7) (“Fraud Section, FDR”). If found guilty this offense carries a
maximum of 15 years’ imprisonment, a fine, and a criminal forfeiture of any personal property
used or intended to be used to commit the crime. Schemes to commit identity theft or fraud
may also involve violations of other statutes such as identification fraud (18 U.S.C. § 1028),
credit card fraud (18 U.S.C. § 1029), computer fraud (18 U.S.C. § 1344) (“Fraud Section, FDR”).
Each of these federal offenses are felonies that carry substantial penalties, in some instances,
as high as 30 years' imprisonment, fines, and criminal forfeiture. Federal prosecutors work with
investigative agencies such as the Federal Bureau of Investigation, the United States Secret
Service, and the United States Postal Inspection Service to prosecute identity theft and fraud
cases.
paperwork such as financial documentation should be stored in a secure place. One should
limit what is carried out when going out, it should be a form of identification and only
debit/credit cards one plans to utilize. Social Security and Medicare cards should remain at
home or in a secure place. Promptly remove all mail from the mailbox as someone may take
the chance to steal the packages or letters in hopes of obtaining something valuable for his or
her cause. Shredding sensitive documents, receipts, credit offers, credit applications, insurance
forms, physician statements, checks, bank statements, expired charge cards, and similar
documents before placing them in the trash. One should consider opting out of prescreened
offers of credit and insurance by mail. Protect medical information by destroying labels on
prescription bottles before throwing them out, be aware not to share any health plan
information with anyone who offers free health services or products. Before any personal
information is shared anywhere, one needs to ask who will access to view it, how it will be
Common advice from various sources is to never provide the full nine digit Social
Security number unless it’s absolutely a necessity (Roberts, Indermaur, & Spiranovic 318). Once
asked to validate identity, provide other form of identification. Consumers can ask service
providers such as utility companies to replace the four digits of the Social Security number with
a different four digit code to authenticate identity when needed (Roberts, Indemaur, &
Spiranovic 321). At times one must provide the number to the employer and financial
institutions for wage and tax reporting purposes. A business may ask for Social Security
number so they can check credit when applying for a loan, or rental of a property. It is key to
know when it is absolutely necessary to share this information with a second party.
One needs to be alert about online activity. Due to how advance most technology is,
any online platform is a populated watering hole for fraudsters. Knowing who is obtaining
one’s personal information online is key. Granted that it is nearly impossible to determine who
has or is getting personal information on the internet, once in doubt one should always contact
the company’s customer service and validate various online requests that being sent through
an email (Roberts, Indermaur, & Spiranovic 317). It is also helpful to protect one’s computer by
using an anti-virus software, anti-spy software, and a firewall. Protect against intrusions and
infections that can compromise the computer files or passwords by installing security patches
for the operating system and other software programs. Without knowing who the source of an
email is, one should not click on links, or download programs that are from unknown sources.
Opening a file from an unknown source could expose the system to a computer virus or
spyware that captures passwords or other information that is typed in (Roberts, Indermaur, &
Spiranovic 321). Before disposing of a computer, all the personal information in stores should
be wiped.
Personal data should be protected through encryption, browsers should remain secure,
put a lock icon on the status bar of the Internet browser should appear letting one know that
personal information that was transmitted during an online transaction was safely processed.
One should protect data and personal information and be wise about using public Wi-Fi. Before
sending personal information over laptops or smartphones on a public wireless network, check
to see if the information will be protected (Roberts, Indermaur, & Spiranovic 323). If an
encrypted website is used, it protects the transmitted information securely. If a secure wireless
network is utilized, all the information that is sent on that network is protected as well.
Passwords should be kept private. Using strong passwords with laptops, credit, bank and other
accounts is strongly recommended. The longer the password, the harder it is to crack. Create
passwords that mix letters, numbers, and special characters. The same password should not be
used for many accounts. If it’s stolen it can be used to take over multiple accounts.
People don’t usually think about the negative impact of oversharing information on
social networking sites. If one posts too much information about themselves, an identity thief
can find information about one’s personal life, use it to answer ‘challenge’ questions on
accounts, and get access to money and personal information (Roberts, Indermaur, & Spiranovic
327). Limit access to networking page to a small group of people. Things such as a Social
Security number, resident address, or account numbers should never be posted in publicly
accessible sites (Roberts, Indermaur, & Spiranovic 327). Keep financial information on laptops
only when necessary. It is recommended not to use an automatic login feature that saves user
identification name and password, and always to log off when finished. That way, if the laptop
is stolen, it will be harder for a thief to access personal information. Most consumers do not
always read privacy policies. They can be long and complex, but they explain how the site
maintains accuracy, access, security, and control of the personal information it collects; how it
Knowing all of this information is not an assurance that the crime will not happen, but it
will affectively arm those who have fell victim to the crime or believe they are highly vulnerable
to their identity being stolen. Fraud in general is the fastest growing crime around the world.
Why risk life for an advancement in wealth when a computer is the only tool necessary to
become the winner of “Who Wants to be a Millionaire”? Within the realm of white collar
crimes, identity theft is now becoming a daily occurrence for almost every one. It is at the point
that more often than not victims do not even panic about the situation. With that being said,
knowing who to call and when to call in regards to this matter is extremely important in the
prevention, and recovery processes. Being lost in a case of identity theft could leave a victim
completely bankrupt without a trace of remedies in sight for at least years. Rather than being
behind the curve watching the fraudsters speed ahead, people need to educate themselves and
learn about this crime in order to, at minimum, catch up to those willing to benefit from others’
Anderson, J. Craig, The Arizona Republic. (2013, April 14). Identity theft growing, costly to
Carrns, A., Scheibjer, N., Lieber, R., Sullivan, P., Cohen, P., Sommer, J. Richards, C. (2018,
Kess, S., Grimaldi, J. R., & Revels, J. J. (2017). Identity Theft. CPA Journal, 87(1), 66-68.
Roberts, L. D., Indermaur, D., & Spiranovic, C. (2013). Fear of Cyber-Identity Theft and Related