Google announced Monday that it will reduce the lifespan of “Cookies” from 30 years to 2 years. Such Cookies are small files planted on the computers of consumers, primarily tracking internet use and recognizing users’ preferences. Such move will somewhat improve consumers’ privacy.
Identity Theft, which can be exacerbated by cookies associated with Malware programs that infiltrate computers of unaware consumers, can possibly be reduced if Internet Browsing was totally anonymous; however It is highly unlikely that Internet Browsing will ever be totally anonymous for two main reasons. First, technologically speaking, 100% anonymity is practically impossible. Second, existence of search engine companies, such as Google, would be financially jeopardized.
On the surface, Google’s announcement may seem as a drastic measure, cutting the lifespan of its cookies by more than 93%. More…
Although many Americans are familiar with Identity Theft, and the severe consequences of becoming a victim of such crime, many individuals are not familiar with one of the most effective tools for fighting Identity Theft: Credit Freeze. In a recent informal poll/survey conducted by GammaWealth Strategy & Research, and published at http://www.creditlock.com, visitors were asked what they believe happens when they place a Credit Freeze. 77% answered correctly, by saying that access to their credit report is frozen. Meanwhile 21% answered incorrectly, with 2% saying that access to their Credit Cards is frozen, 11% saying that access to both their credit cards and credit report is frozen, and 8% saying that neither access to their Credit Report, nor access to their Credit Cards is frozen.
Such result implies that if such poll was conducted by phone interviews with a random sample of the general public, substantially less than 77% would have answered correctly due to several factors: More…
Identity Theft has taken center stage this week following the release by The President’s Identity Theft Task Force of its latest plan: Combating Identity Theft, A Strategic Plan. The aim of the plan, outlined in a 120 page document, is undoubtedly a noble one: to eliminate or drastically reduce Identity Theft and its related negative consequences. In doing so, the task force analyzed most aspects of Identity Theft and its related crimes and tools including Phishing, Dumpster Diving, Carding, Skimming, etc…
The plan has several strengths and represents a great effort to confront one of the most daunting crimes of the new Millenium. However, there are also some weaknesses, as well as potential red flags, as illustrated below…More…
The world has experienced an unprecedented growth in Identity Theft during recent years, fueled by multiple channels including sophisticated Phishing schemes, Malware and infiltration of organized crime. The globalization of Identity Theft will mean that regional efforts to contain the problem will achieve minimal results at best.
In the U.S. it is estimated that as many as 17.3 Million individuals were victims of Identity theft during 2005 and 2006 on a combined basis, with an estimated total of $106 Billion in associated losses (BBB/Javelin). In Canada, the Canadian…More…
There have been several voices expressing the opinion that Immigration contributes to Identity Theft; but is that true? Unfortunately, when such voices are expressed, and despite merely being opinions, they resonate with anti-immigration supporters. Many such voices fail to realize that when individuals decide to leave their homeland, many are also leaving their spouses, children, parents, friends, family, and their homes. Such unfortunate souls do not leave so much that matters to them behind, for the pursuit of a career in crime in another country. On the contrary, when an individual makes the hard choice of uprooting himself, it is for the pursuit of an honest money earning job, and a better life in another country. After all, doesn’t it make sense that those interested in crime, can practice crime in their own country, without the need to uproot themselves? We examined State by State Identity Theft complaint data to shed further light on this issue… More…
In a recent informal poll published at www.CreditLock.com, more than 57% of respondents said they know at least one victim of Identity Theft. That means about one in every two individuals has either been a victim of Identity Theft, or knows someone who has been a victim.
Initially, such result may seem surprising and excessive. It is possible that the results are skewed by the fact that visitors to www.creditlock.com are inclined to be those seeking information on Identity Theft for the same fact that they are themselves victims or know victims. However, even if such results may be skewed, the following facts lead us to conclude that they are not too far from the truth…. More….
Is technology a blessing or a curse? Some may reply: what kind of question is that, after all, if technology was not a blessing, why would human kind pursue it? Technological advances have given us the car, the plane, the moon, an ample food supply, solid shelter, warm clothes, energy, medicine, etc… Technology has also given us nuclear bombs, germ warfare, global warming, and some would argue, loss of privacy… More….
A recent poll released yesterday by Zogby International revealed that 91% of respondents are concerned about Identity Theft. Yet, the same survey also revealed that 69% of respondents said that they never, rarely, or only sometimes read Company Privacy Policies. Only 7% said they always read such policies, while 24% said they read most of the time. Privacy Policies usually state how a company will use personal information gathered from the customer.
Such results may seem odd and unexpected. You are concerned that your personal information may be compromised. You are concerned this would subject you to the possibility of Identity Theft. You are voluntarily providing merchants with your personal information. Why wouldn’t you want to know how your information will be used?
Philosophically, the answer may be simple. If a merchant is going to misuse personal information, does it really matter what they say in their Privacy Policies? Such skepticism is reflected in the Zogby Poll. Almost half of respondents said they believe companies will share or sell their information despite promising not to do so, while 35% believe that companies will not follow up with promises to protect such information.
We actually believe that reputable institutions and businesses have too much to loose from deliberately misleading the public in the statement of their Privacy Policies. Although skepticism, whether at a subliminal or conscious level, may play part in consumer behavior, human nature for “passiveness” also plays another part. Consider the following additional statistics.
According to a Federal Trade Commission report on Identity Theft, 62% of Identity Theft Victims in 2006 did not notify a Police Department while 57% of Victims did not contact a Credit Reporting Agency. Once again, this may seem unusual. If someone stole your identity, why wouldn’t you contact the Credit Reporting Agencies in order to protect your credit and limit the possibility of financial damage? Is it possible that so many people do not realize that contacting the Police and Credit Reporting Agencies are probably the first things to do when a person becomes a victim of Identity Theft?
Whether it is “Human Passiveness”, “Skepticism”, or another reason, unless consumers take active preventive measures, consumers certainly have reason to continue to be concerned about Identity Theft. There are many resources offering Identity Theft information and services where consumers can learn about preventive measures, such as www.CreditLock.com and www.ftc.gov.
Most consumers concerned about Identity Theft have heard of Phishing: a name given to a fraudulent communication, typically transmitted through an email, pretending to be from a trustworthy institution, such as a bank. A Phisher looks to acquire sensitive private personal information, from unsuspecting individuals. Such information is then used to fraudulently withdraw money from the victim’s bank account, or to engage in another Identity Theft related crime.
Until recently, Phishers have used “generic” techniques, reproducing the corporate identity of a reputable institution, such as Paypal or Chase bank. Such Corporate Identity, distinguished through logos, colors, formats etc… is used to highlight a generic message such as: “The security of your account may have been compromised, and unless you click the link below to verify your information, you will loose access to your account.”
Such criminal techniques have become well known. Consumers have been well advised not to click on such emails. Consumers are still left with the task of distinguishing between authentic and fraudulent emails. When the email’s message is generic and non-personal, a consumer can safely assume it may be a form of Phishing. However, when an email’s message is personal, or relates to a recent action by the consumer, then the consumer is less likely to identify Phishing.
Such “Custom” Phishing is likely to increase Identity Theft risks. Criminals use spyware and other investigative techniques in order to acquire semi-private personal information for a certain individual. Then such information is embedded in a Phishing email, in order to retrieve additional private and sensitive information.
In an example of “Custom” Phishing, an individual recently received an email pretending to be from Paypal (a payment processing company with more than 120 Million customers). Such email looked exactly as if it had been sent by Paypal, with the proper logo, colors, formats, etc…. Furthermore, such email warned the recipient that he has been accessing his account from outside the U.S., and unless information is verified, his account will be frozen.
As it turns out, the recipient was indeed accessing his account from outside the U.S. during the past few days. Whether the Phisher attained such information through a spyware, investigative technique, or pure luck, is not known. Despite the recipient’s Identity Theft and Phishing awareness, the timing of the Phishing email, and the nature of its content, caused him to wonder whether such email was authentic or not. Rather than click on the email, the recipient forwarded the communication to spoof@paypal.com , and Paypal confirmed that such email was indeed Phishing.
As such “Custom” Phishing techniques evolve, there is a higher likelihood that even suspecting consumers can possibly fall prey to a Phisher’s net. In order to avoid becoming a victim of Identity Theft, a consumer may soon have to request authenticity validation for most or all communications received from a “supposed” reputable sender. This could ultimately lead to the “Next Generation” of Smart Email Management Programs. Such programs would have the capability to automatically validate any incoming emails, and placing all suspect emails in a “Phishing Alert” folder for review and possible deletion. Until such day arrives, Consumers Beware….
According to a weekly informal poll published on www.creditlock.com, more than 81% of respondents reported that they believe that more than 45% of emails they receive contain fraudulent claims. Furthermore, 26% of respondents believe that more than 90% of emails they receive contain fraudulent claims. In a previous weekly poll, when asked which Identity Theft threat concerns consumers the most, 33% of respondents chose Phishing, placing such threat concern in the number one spot.
Despite such strong consumer awareness about the threat of Phishing and Email Fraud, the FTC reported that in 2006, in 60% of fraud complaints, the company’s initial method of contact was either email (at 45%) or web (at 15%). Furthermore, “Electronic Funds Transfer-related Identity Theft remained the most frequently reported type of Identity Theft bank fraud”, and 23% of consumers reported wire transfer as the method of payment. When engaging in Identity Theft on the web, in email, and through illicit transfers, criminals often resort to Phishing to retrieve valuable consumer personal information.
Why is it that despite very strong consumer awareness about Phishing and Email Fraud, such venues continue to remain a serious Identity Theft risk? The answer lies in the astronomic number of emails sent each day worldwide. Estimates for the number of emails sent each day worldwide vary widely. Some estimate such figure at over 60 Billion emails per day in 2006, while others, such as the Radicati Group, put such number at 171 Billion emails per day. Furthermore, the Radicati Group estimates Spam at about 71% of all emails, while others, such as Postini (a US Email Security Company), puts such figure at 90%. Postini also estimates that there are about 200 criminal gangs generating 80% of Spam emails.
Given such tremendous volume of emails, if unsuspecting consumers respond to only 1 per Million of such emails, then the number of responses per day can be anywhere between 60,000 and 171,000. If 80% of such emails make fraudulent claims, then you can potentially have between 48,000 and 142,000 responses to fraudulent emails. If we divide such number by 30 to account for emails sent to same person, and other factors, we are still left with about 1,600 to 4,700 potential fraud victims per day. Such number is extremely conservative, given our assumption of a response rate of 1 per million, and the additional division by 30.
Our objective is not necessarily to arrive to an exact figure, but to demonstrate that given the sheer size of emails sent each day, it only takes a micro response rate to generate a substantial number of fraud victims each day.
It is unfortunate that the distinction between fradulent content emails, and “cold-marketing” emails is probably disappearing. If 26% of the respondents to the poll published on www.creditlock.com believe that more than 90% of emails make fraudulent claims, then that certainly does not leave much room for marketing emails that have no fraudulent content. Although it is necessary to try to control and stop emails that have fraudulent content, it is almost impossible to do so without limiting all Spam emails: those with legitimate content, and those with fraudulent content. Some would not mind limiting all such emails. Others, don’t mind receiving a legitimate email about a topic or a product they may be interested in. However, most likely, given the risk of viruses, and fraudulent content, those who don’t mind receiving legitimate marketing emails are willing to sacrifice such preference for the sake of security.
Until such day arrives, where all Spam emails, and fraudulent content websites, are somehow abolished (which is highly unlikely to happen), Phishing will most likely continue to be a serious Identity Theft threat.
Save To Del.icio.us 
Seed Newsvine
