- Why Phishing Works By Rachna Dhamija, J. D. Tygar and Marti Hearst
- Five Certainties in the Uncertain World of Identity Theft By the TowerGroup
- Victim’s Guide for Identity Theft By the Los Angeles County Sheriff’s Department
- 2007 Identity Fraud Survey Report By Javelin Strategy & Research
- Consumer Fraud and Identity Theft Complaint Data By the Federal Trade Commission
The March 11, 2007, Freakonomics column in the New York Times Magazine asks this question: Who really cares about identity theft? Dubner and Levitt clear up some misconceptions about the subject and get a guided tour of a hacker chat room where credit-card numbers, passwords, and PIN’s are bought and sold. This blog post supplies additional research material. Click here to read the article.
Steven Peisner is a veteran of the credit-card industry whose current company, Sell It Safe, helps merchants avoid fraud. Peisner spends a lot of time monitoring hacker chat rooms, and also sussing out fraudulent sites like this fake Bank of America website. A close look at the site reveals that its URL has nothing to do with Bank of America, but in fact reads www.paypalacustomers.com. “Even hackers get tired,” Peisner explained, “and sloppy.”
The site will accept any keystrokes as a login and password; on the following page, a form asks for a complete array of personal information including – oops! – “Father Maiden Name.” (Warning: unless you really want to hand over your personal information to the hackers who created this site, don’t enter any real data.) [Addendum: a few hours after this was posted, the page described in the previous sentence was disabled; it had been in existence for at least two weeks.]
In this paper called “Why Phishing Works,” computer scientists Rachna Dhamija (Harvard) and J.D. Tygar and Marti Hearst (both at Berkeley) found that the best phishing sites were able to fool 9 out of 10 people.
And yet a new report by Javelin Strategy and Research found that identity theft has actually leveled off. The full report isn’t available to the public, but this consumer version is, along with this summarizing press release; the Federal Trade Commission has also reported a leveling-off of identity theft.
Here is a Victim’s Guide for Identity Theft issued by the Los Angeles County Sheriff’s Department, which runs one of the most aggressive identity-theft task forces in the U.S. If you’re curious about your own vulnerability, take this safety quiz from the Better Business Bureau.
The TowerGroup, a research firm owned by MasterCard Worldwide, recently found that “banks are not yet ready to dedicate resources to solving any ID theft problem,” which leaves the onus largely on the merchants.
In this ingenious credit card prank, the prankster wonders how crazy he would have to make his signature before someone actually cares.