The theft of personal and sensible data is a very old crime.
The coming of the web has put a spotlight on the problem, because the net gives new opportunities to modern criminals, who have rapidly get used to new technologies to steal important information for their illegal aims.
The identity theft, intended as the theft of personal data to be used by a third party to commit crimes, is in fact increasing. The internet, the e-mail, the social networks and the electronic transactions have increased the circulation of personal data and contributed to make the internet surfer more vulnerable.
What is identity theft?
In the Italian legislation there is no specific law about identity theft and the crime is punished by article 494 of the Penal Code as the “Substitution of person”.
Lacking a precise definition of identity theft, it can be considered as any action carried out to illegally obtain information about persons or firms in order to use it for illegal aims.
There is the total identity theft when the criminal uses the whole identity of a person, real or unreal, dead or alive. There is also the partial identity theft, when only some real information is used and other is fake.
How it happens?
Nowadays the majority of the thefts happen online: phishing attacks for bank accounts, fake job offers to recycle money, requests for personal data and information. With this data criminals usually buy goods and services online, open bank accounts…
The internet is not the only way used by criminals to steal an identity. Sometimes consumers’ behaviour helps them. There are in fact different techniques to steal an identity, here you are some:
Trashing: criminals often look for personal data inside the trash ( credit card and bank bills, old water or energy bills, old insurance contracts…). A lot of documents consumers do not consider important, but that can provide criminals with information they can use for their aims.
Nowadays eBay has become a good trashing platform: people sell old phones or PCs without cancelling personal data inside them and criminals take advantage of it.
Undesired contacts: scammers often try to contact the victim by declaring to work for a bank or a firm with which the consumer has a relation and they ask to update personal data. Other times they present themselves as market researcher and ask for personal information.
Skimming: it happens when a credit card is cloned. The skimmer is the means used to save the content of credit card magnetic stripe. It can happen that criminals substitute the real skimmer of an ATM, for example, with one installed to read and register the credit card information.
Mobile phones: by sending text messages about lottery wins or similar, criminals ask to get in contact with the final aim of stealing data.
…in the virtual world
Vishing: it is the latest evolution of phishing and it is related to the use of Voip, that is internet phone calls. It can happen that the cyber criminal pretends to be a banker and calls the consumer to ask personal data to solve fake problems or to ensure the account.
Sniffing: it is a way to capture data being transmitted on a network. A sniffer is a software program used by IT administrators to monitor the network or to investigate problems. It can be use illegitimately to see personal data and to use them.
Web: the use of internet puts consumers at risk often unknown or underestimated. Internet users are asked to provide with personal information to access certain sites or to buy goods and services. Personal information are then available online through social networks like Facebook or Twitter. Even if not all personal data are shared on social networks, sometimes this data is sufficient for a scammer to find others: for example name, surname, place and date of birth are enough to find the fiscal code and this is sufficient to obtain other information. Stolen personal data has a huge and billionaire market: they can be used to create fake documents, to recycle money, to buy goods and services, to subscribe fake insurances…
Why stealing the identity?
When the victim is a person, the scammer usually uses the data to open bank account, to pay with fake cheques or to empty the victim’s bank account. When the victim is a firm, the criminal has access to the registers and he can change the name of the owners to benefit from various services.
The dimension and the knowledge of the issue
According to a research conducted by Unicri ( agency of the UN active in the prevention of crime) the average Italian is unaware or almost unaware of identity theft. A third ( 31,3%) knows what the phishing is, and a sixth the trashing. The rest does not know anything. There is some confusion, unawareness and resignation ( “it can happen”) among the interview sample.
According to the data, 25,9% of Italians has been exposed to a potential identity theft – succeeded or not- during last year. The risk is there and it is high, but nevertheless only 38,9% Italians are afraid of it.
To face the phenomenon Adiconsum has created a permanent observatory in cooperation with Fellowes-Leonardi. It aims at monitoring the issue, at informing citizens about the risks and at assisting them in case of theft.
It is important to be always careful. Never give personal information to stranger, unless you are sure you are talking to reliable people. Be always suspicious when contacted by people who ask personal data, even if they affirm they work for your bank or are from the police. Always ask their name and phone number and check the reliability of this information.
If you do not receive your consumption bills, contact immediately the supplier, because a missing bill could mean that someone have changed the address.
Be careful in publishing personal information on the internet. Choose usernames that are not related to your real name and never use passwords that are real codes.
Open a separate email account not connected to your real name, to use it to get communications from websites.
Remember that what is posted online stays online! Therefore never upload things that can create problems in the future. Limit the privacy restrictions on social networks and use a good antivirus and a firewall to protect your PC.
Remember that in case of theft consumers’ association can help and assist.
To know more
European Electronic Crime Task Force
It is the first European centre of analysis and research on cyber crime. It was born in Rome in June 2009 from an agreement among the Department of Public Security, Poste Italiane and the US Agency anti fraud. This Centre aims at creating an online platform to share information about cybercrime between professionals and experts: institutions, police, universities and also citizens. The objective is to guarantee that internet users are safe and that normal operation online do not become ways to commit crimes.