Internet Identity Theft

Internet identity theft is vastly different from common identity theft in several ways, and it is also more difficult to detect. Whereas common identity theft often involves physical stealing, such as credit cards, mail, checks and identification cards, internet theft steals confidential documents, such as receipts and tax returns, from individuals’ computers without their knowledge.

Personal home computers collect and store all sorts of personal information, like cache, browser history, temporary internet files, and passwords, deep within individuals’ hard drives. These files can be used by internet thieves and hackers to reconstruct confidential information, including credit card and social security numbers, addresses, and login ids.

Malware is uploaded onto individuals’ computers through emails, unsecured websites, downloads and by clicking on links. Internet identity thieves and hackers primarily harvest confidential information through malware subtypes, such as:

• Worms
• Spyware
• Viruses
• Rootkits

What Malware is, and how it occurs

Malware is any malicious software that is designed to infiltrate, destroy or damage a computer system, and includes viruses, Trojan horses, worms, rootkits, backdoors, spyware, adware, and crimeware.

Viruses are computer programs that are able to replicate themselves and infect a computer without the computer owner’s consent. Computer viruses spread by infecting files, a computer’s specific system areas and/or a network router’s hard drive. It then makes copies of itself. Viruses are primarily spread through emails, attachments and unsecured websites, and are designed to either damage computer files or spread to other computers.

Trojan horses are computer programs that hide viruses or other malware subtypes. Trojan horses may disguise themselves as legitimate computer programs, but in fact, they perform damaging actions on computers. Trojan horses are oftentimes contracted when users download free software or email attachments.

Worms are a certain type of virus that spreads through self-replication. Worms generally use networks to send copies of themselves to other computers on a network, and they take up valuable bandwidth and memory, which can cause a computer to be nonresponsive. Hackers are also able to gain access to users’ computers and steal information through worms.

Rootkits are software programs that are designed to hide the fact that a hacker has gained access to a user’s computer. They are difficult to detect, and it sometimes takes years to discover them. Once a hacker has gained access to a computer, they will install a rootkit so that they are able to continually access that same computer without being detected.

Backdoors, similar to rootkits, also provide hackers access to users’ computers by hiding the fact that a hacker has gained access to a user’s computer.

Spyware is software that is downloaded onto a user’s computer with the intent of collecting their personal information and monitoring their internet browsing habits. Spyware also collects users’ personal information, redirects web browser activity and installs additional software. This results in slower connection speeds, unauthorized changes in homepages, and damage to other programs. Spyware is downloaded onto users’ computers through pop-ups, software installations and websites.

Adware is a type of software that when downloaded, results in advertisement banners and pop-ups. This can result in slower connections, and it can also make users’ computer systems unstable. Some adware will also monitor user habits and information, and potentially sell it to third parties. Adware can be downloaded unsuspectingly when users download free software such as computer games, wallpapers, advanced search engines, peer-to-peer programs, and other programs.

Crimeware is any computer program designed to aid in illegal online activities. Some types of crimeware gather users’ personal information illegally by installing keyloggers, which record everything that is typed, and other crimeware aids in online phishing by providing tools to con artists. Crimeware can be installed unknowingly through vulnerabilities in web applications, email, and peer-to-peer sharing networks.

What can happen

Hackers use malware to obtain users’ confidential information, such as account and social security numbers, addresses, tax information, and other information that can be used for some sort of monetary gain. With the above personal information, hackers and internet thieves can commit a variety of crimes, such as:

Identity theft

Thieves can use individuals’ account numbers to open fraudulent bank accounts, apply for credit, and make large purchases.

Employment fraud

Thieves can use individuals’ identities to obtain employment falsely. All they need is an individual’s social security number, account number and personal details, such as date of birth and addresses.

Black market identity selling

Thieves can log onto black market websites and sell individuals’ personal information, such as account numbers, identification numbers, and addresses, to other thieves. Oftentimes complete identities are sold for as little as $14.00 on these illegal websites.

Notorious Computer Viruses

Computer viruses have existed for over 25 years, and there have been several notorious computer viruses over the years. The more recent ones have included:

Love Bug (2000)

The Love Bug virus was spread through email attachments by disguising itself as a love letter. When the recipient opened the attachment, the virus sent copies of itself to their address books.

Sasser (2004)

This virus caused computers to continually crash and reboot themselves, and it infected millions of computers around the world.

Mydoom (2004)

This worm was the fastest spreading email worm ever, and it was commissioned by spammers to send junk-emails out to computer users via infected computers.

How to Protect Against Malware

Individuals can protect themselves against malware by practicing commonsense precautions when surfing the internet and checking emails:

1. 1) Do not click on every link that is received through email or instant messages. Oftentimes, malware is embedded in links and emails. It is important to not open any sort of suspicious links or emails, even if they are from a familiar person.
2. 2) Do not download free applications over file-sharing networks, such as LimeWire. Malware, such as spyware, adware, and Trojans, may be embedded in the downloaded programs. Only download software from a trusted, secure website.
3. 3) Do not use internet explorer as a default page. Instead, internet users should use Firefox, which is more secure and protects against potentially hazardous websites. Users should also use Firefox’s No Script add-on, which blocks malicious Javascripts and Flash programs.
4. 4) Use a firewall. Users should turn on their Windows firewalls and any firewalls that they have in their home routers.
5. 5) Upgrade any software applications. All software programs, including Quicktime and Acrobat Reader, should be updated on a consistent basis to protect against program vulnerabilities.
6. 6) Apply patches. Users should apply patches to their computers to also protect against vulnerabilities.
7. 7) If users use peer-to-peer sharing programs, they should save their important files in file folders other than “my documents”. P2P sharing programs have access to contents in the “my documents” folder by default and can share confidential files with thousands of users.

In addition to following these commonsense tips, individuals should also:

1) Install a reputable anti-virus program.

All computer users should install a reputable anti-virus program, such as Norton or McAfee Antivirus, before surfing the internet or downloading files. Reputable anti-virus programs will protect against most malware, including worms and Trojans, but they will not protect against adware and spyware.

2) Install a reputable anti-spyware program.

Computer users should also install a reputable anti-spyware program, such as Kaspersky or Spyware Doctor, in order to protect against malicious spyware and adware.

3) Install firewalls.

Firewalls should also be installed to protect against unauthorized outside access. PCs generally have built-in firewalls that need to be turned on.

4) Update all anti-virus, anti-spyware and firewall programs.

All anti-virus, anti-spyware and firewall programs should be constantly updated in order to protect against the latest malware advances.

Identity theft companies, such as LifeLock and TrustedID, also provide customers with computer protection by offering spam and junk mail removal. These companies also scan the online black markets to see if customers’ information is being bought or sold, and if identity theft should occur, these companies will combat it through credit freezes, fraud alerts and much more.