Fraud & Identity Theft
Fraud and identity theft using social network sites as a tool is a fairly new and growing area of theft. More so to people who don’t have online profiles, criminals are using known public information to create fake profiles. A court case in 2008 in which an overprotective mother established a fake profile to bully her daughters’ rival. In consequence of this trail, judges criminalised the act of creating fake persona profiles online (Daily Mail, 2008).
Social networking fraud and identity theft happens more commonly among youngsters using SNS as a way of meeting new people and communicating with their friends. Upon signing up to sites, information such as names, address, telephone numbers, date of births and schools attended and then this information is clearly displayed on the users profile. Other users can then view all this information collectively (Siciliano, 2009). Many users will upload personal information like this and not give it a second thought but an attribute as simple as the users date of birth can be used against them in an identity theft attack. An example of this could be a lost/stolen bank card, if they found by the wrong individual, this individual could search for the bank cards owner using the name on the card and the area the card was found in as a hometown. Once found, note the DOB and other personal details. A commonly asked question asked by banks to determine a person’s identity is what is your date of birth? Combine this with the bank card, owners name and address the assailant could gain access to the users’ bank accounts. The carefree attitude a user takes towards displaying private details so publicly on SNS is not only what puts the user of the site as risk but also the people that they live with.
The survey carried out with this report showed that 13.5% of users had their accounts hacked and personal information leaked (Figure 12) and a report issued by PCWorld stated that a third of social networking users have at least 3 pieces of information on their pages that could lead to identity theft (Siciliano, 2009). Putting the two figures together and it becomes clear why identity thieves are intrigued by the content on the users’ social networking pages.
A survey found that 80% of users are concerned about privacy issues on social networking sites yet almost 60% of them are unaware of what their own privacy settings are (Siciliano, 2009) and who can see their personal information. Most social networking sites have privacy setting in which a user can manage their own accounts. Altering the settings to make a users profile totally private could be the difference between a user being safe or becoming an identity theft victim.