Internet ID Theft Statistics Show How Online Identity Theft Works

Internet id theft statistics reveal online id theft is the fastest growing id crime.

It can occur even on websites we trust and is often underestimated and misunderstood by many people who take the most stringent precautions to guard privacy and safety on the Net.

Although statistically this type of identity theft occurs less frequently than other types, it is perhaps the type of ID fraud that we should be most aware of.

Internet id theft statistics also uncover how our online identities are made up and how our identities are stolen and these are the aspects we'll focus on here...

  1. Our Digital Identity
  2. Theft From Phishing
  3. Theft From Pharming
  4. Theft From Spam And Spyware
  5. What Next?

1. Internet ID Theft Statistics... What Is Our Digital Identity?

On the Internet, our identity is made up of...

  • IP (Internet Protocol) address
  • address where we live
  • usernames
  • passwords
  • personal identification numbers (PINs)
  • social security numbers
  • birth dates
  • account numbers
  • mother's maiden name, etc
These digital identities work on the basis that we're the only individuals who know this information.

However, because we use the Internet for all sorts of financial transactions, criminals are developing sophisticated techniques to steal these digital identities. Internet id theft statistics show their aim is to use our identities to open credit card accounts, bank loans, mortgages... in fact, any transaction that will make money.

There is one main difference between internet identity theft and other types of ID theft...

With internet identity theft we don't have to wait for a thief to physically steal our information. Instead, we may unwittingly hand over the information ourselves.

Information about us can be stolen by computer criminals from the databases of banks, retailers, ISPs and data clearinghouses.

However, there is an easier way for the thief... and that is to steal the information from us or to trick us into providing the information.

As there is not a lot we can do about theft of our information from third parties, let's now concentrate on what Internet id theft statistics show as the three main ways Internet identity thieves acquire our personal information...

2. Internet ID Theft Statistics... The Phishing Lure

Just like fishing, phishing -- sometimes called spoofing -- also uses a lure to catch its victims.

This lure often comes in the form of a spam email or pop-up warning that looks like it has been sent from a company we trust. Often the companies are ones that we use regularly, like our bank, credit card company or some other online payment system.

Thanks to the press, most people are now aware that emails purporting to be from a bank and asking for their online details are a phishing fraud.

Sometimes, however, the email may be from a company we haven't heard of, but notifying us we are being invoiced for, say, $700 for an order. It's understandable that many people will be concerned and will click on the link to investigate further.

Let's look at what Internet id theft statistics show the purpose of all these lures to be...

The Purpose Of Phishing Lures

The purpose behind phishing emails is to cause us to,

  • click on a link to verify/cancel a purchase
  • update our personal information
  • validate our account to prevent it from being cancelled etc.

If we click on the link indicated, we are directed to a web site that is designed to look exactly like the official site of the company being mis-represented.

Under the assumption that they are at an official site, victims enter specific personal information, such as social security number, credit card number or password.

A study by Gartner, a security company, found that as much as 3 percent of phishing scams may be successful, with Internet users divulging sensitive information to the scam artists.

Based on Internet id theft statistics from a survey of 5000 U.S. adult Internet users, Gartner estimated that...

  • 57 million adults have experienced a phishing attack
  • 1.78 million adults could have fallen victim to the scams
  • The cost of phishing... 1.2 billion dollars!

The truth is that legitimate companies will never ask for our personal information in this manner. But, many people take the lure because the emails and pop-ups look like they really come from the company indicated.

If you want to feel confident that you are doing all you can to protect yourself against phishing attacks, read the article Phishing And How To Block It

3. Internet ID Theft Statistics... Pharming

Internet identity theft through pharming is a great deal different than phishing. It is of increasing concern to business and website owners as well as consumers.

In pharming, a cyber criminal cracks a vulnerability in an ISP's (Internet Service Provider) DNS server and hijacks the domain name of a commercial site.

Anyone going to the genuine site is then redirected to an identical but bogus site.

Once redirected, unsuspecting site users will enter personal information, such as a password, PIN number or account number, which the pharmers immediately use at the genuine web site

The personal information gained can be used to purchase merchandise, clean out bank accounts, open new ones and commit other identity theft crimes. The information can even be sold to other criminal groups and used again and again.

Since pharming is so technically sophisticated, it is virtually impossible to detect or prevent. And since it is almost impossible to measure, there are no Internet id theft statistics to show how prevalent it has become.

However, there are a number of detected instances which illustrate that even well-known and trusted sites can be affected...

  • In January 2005, the domain name for a large New York ISP, Panix, was hijacked to a site in Australia.
  • In 2004 a German teenager hijacked the domain name.
  • Secure e-mail provider Hushmail was also caught, when the attacker rang up the domain registrar and gained enough information to redirect users to a bogus webpage.
As you'd suspect, this type of internet identity theft is extremely difficult for consumers to protect themselves against. It is, therefore, up to the companies themselves to engineer websites that cannot be tampered with.

As a result, more and more companies are taking steps against pharming.

Such sites are known as pharming-conscious, or "PC". They have taken the steps necessary to keep our private information secure. They also use domain names that cannot be hijacked and scramble our personal information while it is being transmitted.

4. Internet ID Theft Statistics... Spam And Spyware

We can inadvertently download spyware just by clicking on a pop-up ad or viewing spam email, for example.

Spyware is technology that surreptitiously gathers information, such as user IDs and passwords for bank accounts.

It can do this by logging all our keyboard strokes, or by using Trojans and other techniques to collect information from our PCs. This information is then passed back to the perpetrator when we connect to the Internet.

Spam and spyware risks are covered in detail in other articles in Guard Privacy & Online Security. If you want the Internet id theft statistics on these -- or simply more information -- then click on the following links...

5. Internet ID Theft Statistics... What Next?

If you want to check that you are doing all you can to minimize your chances of becoming one of those Internet ID theft statistics, then check out the advice in, Protection From Identity Theft.

For other identity theft articles that will expand your knowledge, you'll find the following useful...

5. Internet ID Theft Statistics... Supporting Articles


New! Comments

Have your say about what you just read! Leave me a comment in the box below.