Identity Theft
From MgmtWiki
Full Title or Meme
Identity Theft is a special case of an Identity Pathology that is used to acquire access to financial accounts at a Web Site that can be exploited to provide the attacker with the means to steal or launder money or other user assets.
Context
- There are many types of accounts that can be exploited by attackers. For example the attacker can use illegally acquired money in one country to over pay a user's tax account and then apply to that taxing authority for a refund.
- The US Federal Trade Commission defines Identity Theft as "someone using your personal information to open accounts, file taxes, or make purchases". Note that stealing a credit card, which has no intrinsic value, is not a major crime. Using a stolen credit card account number to make a major purchase is a major crime.
Problem
- The number of exploits against a user's
- It is easy at many Web Sites to create accounts. Only financial accounts that are in a depository institution (like a bank) are subject to strong Know Your Customer legislation.
Solution
- Users must be protected from fraudulent account creation by giving them control of their own User Private Information.
- It is now the law in the US for free User control of the release of User Private Information by the credit agencies.[1]
- Still Users need to be aware of their own account status and monitor them for fraudulent activity.
References
- ↑ Ann Carrns, Freezing Credit Will Now Be Free. Here’s Why You Should Go for It. (2018-09-15) New York Times p. B4 https://www.nytimes.com/2018/09/14/your-money/credit-freeze-free.html