Identity Theft

1. Credit Card Theft: Credit theft is obtaining someone else's credit card without them knowing. Stolen credit cards can be used to make purchases or access the owner's bank accounts. By using your credit card on unverified or shady websites, you are at risk of getting your personal information stolen. To protect yourself from credit card theft, you can simply not purchase anything from these websites, or you can use a pre-paid card. Although websites cannot obtain personal information from pre-paid cards, websites can still alter the amount paid.




2. Phishing Schemes: Phishing is the most common method of identity theft. It involves the thief pretending and disguising themselves as a trustworthy entity to obtain the victim's personal information. Most common types of phishing are deceptive phishing, spear phishing, malware phishing and keylogger phishing. You can avoid phishing schemes by double checking every email or message you get of the sender and the websites or files added to it. There is also anti-phishing software which detects phishing for you.
   Deceptive phishing involves a thief impersonating a large company and sending emails or messages to victims asking them to renew their passwords or protect their accounts from potential danger. They might send links to a fake website that looks identical to the legitimate one, and they can steal your information once you type it into the fake website.
   Spear phishing is the thief impersonating the victim's friend, employer or family to convince them to send personal information. The thief needs to do prior research about the victim, and it is very successful as 91% of phishing schemes involve spear phishing.
   Malware is "any piece of software that was written with the intent of doing harm to data, devices or to people" [5]. Different malware are virus, trojan, adware and spyware, but spyware is typically used in phishing attacks. Spyware is self-explanatory. The victim will have no clue about having the malware, and it will spy on whatever thing they do online, and it can steal your personal information. They will get the victim to download the malware via deceptive scheme or spear scheme.
   Keylogger is a "hardware device or a software program that records the real time activity of a computer user including the keyboard keys they press" [1]. After getting downloaded, they can secretly be inserted into browsers or drivers for devices such as your keyboard. The thief can get your personal information whenever you type it. Again, it can be downloaded via deceptive phishing or spear phishing.
   

Questions!

1. What is one way to protect yourself from credit card theft when purchasing from an unverified website?
2. What does the thief do in spear phishing?
3. What is a keylogger? Where can it be secretly inserted after being downloaded?

Bibliography

1. Bradley Mitchell, What is a Keylogger and Key Logging Software?, https://www.lifewire.com/definition-of-keylogger-817998, 2017.
2. CIMIP, Identity Crimes, http://www.utica.edu/academic/institutes/cimip/idcrimes/schemes.cfm, 2009.
3. Computer Associates, Types of Phishing Attacks, https://www.pcworld.com/article/135293/article.html, 2007.
4. David Bisson, 6 Common Phishing Attacks and How to Protect Against Them, https://www.tripwire.com/state-of-security/security-awareness/6-common-phishing-attacks-and-how-to-protect-against-them/, 2016.
5. Debbie Stephenson, Spear Phishing: Who's Getting Caught?, https://www.firmex.com/thedealroom/spear-phishing-whos-getting-caught/, 2013.
6. Jonathan Lemonnier, What is Malware? How Malware Works & How to Remove it, https://www.avg.com/en/signal/what-is-malware, 2015.
7. NBCNews, Nearly 13 Million Americans Victimized by ID Thieves in 2014, https://www.nbcnews.com/business/consumer/nearly-13-million-americans-victimized-id-thieves-2014-n316266, 2015.