Showing papers on "Identity theft published in 2016"

The Thief With a Thousand Faces and the Victim With None Identifying Determinants for Online Identity Theft Victimization With Routine Activity Theory

Abstract: Available evidence suggests that identity theft is a growing problem that has significant consequences for victims, not the least of which is billions of dollars in financial losses. However, very little is known about the correlates or causes of identity theft victimization. Utilizing a nationally representative sample of individuals from the Canadian General Social Survey, the current study attempts to address this deficiency by examining the link between victims' online routine activities and their online identity theft victimization. It was found that certain routine activities directly influence the likelihood of experiencing identity theft. Potential research and policy implications also are discussed.

Investigating Social Networking applications on smartphones detecting Facebook, Twitter, LinkedIn and Google+ artefacts on Android and iOS platforms

Abstract: The rapid growth in usage and application of Social Networking (SN) platforms make them a potential target by cyber criminals to conduct malicious activities such as identity theft, piracy, illegal trading, sexual harassment, cyber stalking and cyber terrorism. Many SN platforms are extending their services to mobile platforms, making them an important source of evidence in cyber investigation cases. Therefore, understanding the types of potential evidence of users’ SN activities available on mobile devices is crucial to forensic investigation and research. In this paper, we examine four popular SN applications: Facebook, Twitter, LinkedIn and Google+, on Android and iOS platforms, to detect remnants of users’ activities that are of forensic interest. We detect a variety of artefacts (e.g. usernames, passwords, login information, personal information, uploaded posts, exchanged messages and uploaded comments from SN applications) that could facilitate a criminal investigation.

Guardians upon high: an application of routine activities theory to online identity theft in europe at the country and individual level

Abstract: Online fraud is the most prevalent acquisitive crime in Europe. This study applies routine activities theory to a subset of online fraud, online identity theft, by exploring countrylevel mechanisms, in addition to individual determinants via a multi-level analysis of Eurobarometer survey data. This paper adds to the theory of cybercrime and policy debates by: i) showing that country physical guardianship (e.g. cyber security strategy) moderates the effects of individual physical guardianship; ii) introducing a typology of online capable guardianship: physical passive, active personal and avoidance personal guardianship; iii) showing that online identity theft is associated with personal and physical guardianship; and iv) identifying public Internet access and online auction selling as highly risky routine activities. The paper concludes by emphasising the importance of studying country level effects on online identity theft victimisation.

Cyber threats to health information systems: A systematic review.

Abstract: Background Recent legislation empowering providers to embrace the electronic exchange of health information leaves the healthcare industry increasingly vulnerable to cybercrime. The objective of this systematic review is to identify the biggest threats to healthcare via cybercrime. Objective The rationale behind this systematic review is to provide a framework for future research by identifying themes and trends of cybercrime in the healthcare industry. Methods The authors conducted a systematic search through the CINAHL, Academic Search Complete, PubMed, and ScienceDirect databases to gather literature relative to cyber threats in healthcare. All authors reviewed the articles collected and excluded literature that did not focus on the objective. Results Researchers selected and examined 19 articles for common themes. The most prevalent cyber-criminal activity in healthcare is identity theft through data breach. Other concepts identified are internal threats, external threats, cyber-squatting, and cyberterrorism. Conclusions The industry has now come to rely heavily on digital technologies, which increase risks such as denial of service and data breaches. Current healthcare cyber-security systems do not rival the capabilities of cyber criminals. Security of information is a costly resource and therefore many HCOs may hesitate to invest what is required to protect sensitive information.

Forensic investigation of OneDrive, Box, GoogleDrive and Dropbox applications on Android and iOS devices

Abstract: In today’s Internet-connected world, mobile devices are increasingly used to access cloud storage services, which allow users to access data anywhere, anytime. Mobile devices have, however, been known to be used and/or targeted by cyber criminals to conduct malicious activities, such as data exfiltration, malware, identity theft, piracy, illegal trading, sexual harassment, cyber stalking and cyber terrorism. Consequently, mobile devices are an increasing important source of evidence in digital investigations. In this paper, we examine four popular cloud client apps, namely OneDrive, Box, GoogleDrive, and Dropbox, on both Android and iOS platforms (two of the most popular mobile operating systems). We identify artefacts of forensic interest, such as information generated during login, uploading, downloading, deletion, and the sharing of files. These findings may assist forensic examiners and practitioners in real-world examination of cloud client applications on Android and iOS platforms.

Identity Theft and Consumer Payment Choice: Does Security Really Matter?

Abstract: Security is a critical aspect of electronic payment systems. In recent years, the phenomenon of identity theft has gained widespread media coverage and has grown to be a major concern for payment providers and consumers alike. How identity theft has affected consumer’s payment choice is still an open research question. We use the 2009 Survey of Consumer Payment Choice (SCPC) to study the effect of identity theft incidents on adoption and usage patterns for nine different payment instruments in the U.S. Our results suggest that certain types of identity theft incidents affect positively the probability of adopting money orders, credit cards, stored value cards, bank account number payments and online banking bill payments. As for payment usage, we find that particular types of identity theft incidents have a positive and statistically significant effect on the use of cash, money orders and credit cards and a negative and statistically significant effect on the use of checks and online banking bill payments. These results are robust across different types of transaction, after controlling for various socio-demographic characteristics and perceptions toward payment methods.

Consumerism in the Digital Age

Abstract: This paper discusses "digital consumerism," which is the application of traditional concepts of consumerism to consumer vulnerabilities in digital markets. The relationship of digital consumerism to paradigms of consumer empowerment and consumer vulnerabilities is discussed using examples from the relevant literature. The findings of this literature survey identify new aspects of consumerism in digital markets that have the potential to enhance consumer well-being. The literature survey also revealed that consumer vulnerabilities have grown in complexity faster than regulative efforts. Therefore, there is a need for a reconceptualization of consumerism in order to improve consumer protections and to develop better functioning and healthier digital markets. ********** If we were able to add a "right to healthy food" to the 1960s conceptualization of consumerism, would we have less obesity and fewer health problems in society today? If we were able to embed a "right to financial protection" in the same consumerism concept, would we have had the financial crises and instability of the last few years? If we had anticipated the privacy issues before the Internet became ubiquitous and added "a right to online privacy" to our concept of consumerism, would we now have fewer identity theft problems? The opinions on these questions would clearly vary from person to person, situation to situation, market to market, and culture to culture. However, it is still easy to imagine that we would have fewer of these problems if we had a better understanding of these issues and their potential for affecting our lives. An answer to these questions is evident in the consumerism concept itself. Consumerism propounds the creation of consumer protection by raising market awareness of the vulnerabilities of consumers, market inequalities, and the subsequent regulation of business misbehaviors, deceptions, and marketing malpractices with legislative support (Aaker and Day 1982; Cohen 2010; Day and Aaker 1970; Rotfeld 2010). The major goal of consumerism is to "seek to establish a more equitable and socially responsible capitalist democracy ' (Cohen 2010, 235). Recent technological advances, loosely referred to as the Internet, provide us with opportunities to achieve more equitable and socially responsible market structures (Kucuk 2009; Kucuk and Krishnamurthy 2007). Although the phenomenal transformations produced by online markets reduced the historical dominance of companies and equalized market structures in favor of consumers, dynamically evolving digital markets also changed the nature and sources of consumer vulnerabilities (Kucuk 2009). One example is the rise in the number of identity theft and financial damage cases. The FBI's Internet Crime Complaint Center (IC3) recently reported receiving its 3 millionth complaint. The total dollar loss claimed since the establishment of the IC3 now exceeds $2 billion. (1) An additional difficulty for both consumers and companies is that not everybody can easily access digital markets or market information. As a result, there are serious inequality problems. Those consumers who can access digital markets frequently encounter unreliable, deceptive, and misleading information. This misinformation increases consumer confusion and vulnerability. Finally, although consumer voices can be enhanced through the Internet, some companies deceptively post in consumer networks (aka "paid-bloggers") or try to override the free speech rights of consumers by asserting ownership rights. In this context, defining and exploring systematic consumer vulnerabilities and reconceptualizing consumerism for digital markets is indispensable to improving our social welfare. Unfortunately, there is currently a limited amount of research focused on how the digital revolution is transforming consumerism. The major questions are: "What new problems do consumers face in digital markets? …

Identity based secure authentication scheme based on quantum key distribution for cloud computing

Abstract: Identity theft is the most recurrent twenty-first century cybercrime. Thus, authentication is of utmost significance as the number of hackers who seek to intrigue into legitimate user’s account to obtain sensitive information is increasing. Identity based authentication operates to corroborate the identity of the user so that only the legitimate user gets access to the service. This paper proposes a quantum identity based authentication and key agreement scheme for cloud server architecture. Quantum cryptography based on the laws of quantum physics is a vital technology for securing privacy and confidentiality in the field of network security. A formal security analysis has been performed using AVISPA tool that confirms the security of the proposed scheme. The security analysis of the proposed protocol proves that it is robust against all security attacks. To confirm applicability of quantum key distribution in cloud computing, a practical long-distance entanglement-based QKD experiment has been proposed. This experiment confirms successful generation of shifted keys over distance of 100 km of optical fiber with a key rate of 4.11 bit/s and an error rate of 9.21 %.

Detection of Multiple Identity Manipulation in Collaborative Projects

Abstract: Various techniques are used to manipulate users in OSN environments such as social spam, identity theft, spear phishing and Sybil attacks... In this article, we are interested in analyzing the behavior of multiple fake accounts that try to bypass the OSN regulation. In the context of social media manipulation detection, we focus on the special case of multiple Identity accounts (Sockpuppet) created on English Wikipedia (EnWiki). We set up a complete methodology spanning from the data extraction from EnWiki to the training and testing of our selected data using several machine learning algorithms. In our methodology we propose a set of features that grows on previous literature to use in automatic data analysis in order to detect the Sockpuppets accounts created on EnWiki. We apply them on a database of 10.000 user accounts. The results compare several machine learning algorithms to show that our new features and training data enable to detect 99\% of fake accounts, improving previous results from the literature.

CyberProtector: identifying compromised URLs in electronic mails with Bayesian Classification

Abstract: Embedding malicious URLs in e-mails is one of the most common web threats facing the internet community today. Malicious URLs have been widely used to mount various cyber-attacks like spear phishing, pharming, phishing and malware. By falsely claiming to be a trustworthy entity, users are lured into clicking on these compromised links to divulge vital information such as usernames, passwords, or credit card details and unknowingly succumb to identity theft. Hence, the detection of malicious URLs in e-mails is very essential so as to help internet users implement safe practices and as well prevent them from becoming victims of fraud. This paper explores how malicious links in e-mails can be detected from the lexical and host-based features of their URLs to protect users from identity theft attacks. This research uses Naive Bayesian classifier as a probabilistic model to detect if a URL is malicious or legitimate. The Naive Bayesian classifier is used to count up the occurrence of each feature in an e-mail and calculate the cumulative score. If the cumulative score is greater than the given threshold, the URL is considered malicious otherwise the URL is legitimate.Keywords: Malicious URLs; Pharming; Phishing, Attacks; Naive Bayesian classifier, threshold

Cybercrimes in Nigeria: Analysis, Detection and Prevention

Abstract: Over the years, the alarming growth of the internet and its wide acceptance has led to increase in security threats. In Nigeria today, several internet assisted crimes known as cybercrimes are committed daily in various forms such as fraudulent electronic mails, pornography, identity theft, hacking, cyber harassment, spamming, Automated Teller Machine spoofing, piracy and phishing. Cybercrime is a threat against various institutions and people who are connected to the internet either through their computers or mobile technologies. The exponential increase of this crime in the society has become a strong issue that should not be overlooked. The impact of this kind of crime can be felt on the lives, economy and international reputation of a nation. Therefore, this paper focuses on the prominent cybercrimes carried out in the various sectorsin Nigeria and presents a brief analysis of cybercrimes in tertiary institutions in Ekiti-State. In conclusion, detection and prevention techniques are highlighted in order to combat cybercrimes in Nigeria .

Review of the Main Security Problems with Multi-Agent Systems used in E-commerce Applications

Abstract: The ability to connect to the Internet from a wide variety of devices such as smart phones, IoT devices and desktops at anytime and anywhere, produces a large number of e-commerce transactions, such as purchases of clothes, ticket entrances for performances, or banking operations. The increasing number of these transactions has also created an increase in the number of threats and attacks by third parties to access user data banks. It is important to control the access procedure to user data so that the number of threats does not continue to grow. To do so, it is necessary to prevent unauthorized access, theft and fraud in electronic commerce, which is required to ensure the safety of these transactions. Many e-commerce platforms are developed through multi-agent-systems because they include certain advantages to control the product, resource management, task distribution, etc. However, there are a number of threats that can jeopardize the safety of the agents that make up the system. These issues must be taken into account in the development of these multi-agent systems. However, existing methods of development do not cover in depth the issue of security. It is necessary to present and classify the potential security flaws of multi-agent systems. Therefore, the present research presents a review of the main vulnerabilities that occur in multi-agent systems responsible for managing e-commerce applications, as well as the proposed solutions to the major security problems on these platform systems. The main conclusions provided by this research is the need to optimize security measures and enhance the different security solutions applied in e-commerce applications in order to prevent identity theft, access to private data, access control, etc. It is therefore essential to continue to develop the security methods employed in applications such as e-commerce as different types of attacks and threats continue to evolve.

Remote user authentication scheme using smart card: a review

Abstract: User authentication is the process of verifying the legitimacy of a user. Until now, several authentication schemes using smart card proposed in the literature and each proposed scheme has its own merits and demerits. A common attribute among most of the proposed schemes is that the user identity is static in all the transaction sessions, which may reveal some facts about that user and can create threat of identity theft during the communication. In this paper, we have defined all the security requirements and all the goals an ideal remote user authentication scheme should satisfy and achieve. We have presented the results of our survey about remote user authentication schemes for client-server model. All the schemes are vulnerable to various attacks and do not meet the goals. In the future, we look forward to an ideal remote user authentication scheme, which meets all the security requirements and achieves all the goals can be developed. We should confidence that the attacks and goals we offer here can also aid future researchers develop better schemes.

Protecting One's Own Privacy in a Big Data Economy

Abstract: Big Data is the vast quantities of information amenable to large-scale collection, storage, and analysis. Using such data, companies and researchers can deploy complex algorithms and artificial intelligence technologies to reveal otherwise unascertained patterns, links, behaviors, trends, identities, and practical knowledge. The information that comprises Big Data arises from government and business practices, consumer transactions, and the digital applications sometimes referred to as the “Internet of Things.” Individuals invisibly contribute to Big Data whenever they live digital lifestyles or otherwise participate in the digital economy, such as when they shop with a credit card, get treated at a hospital, apply for a job online, research a topic on Google, or post on Facebook.Privacy advocates and civil libertarians say Big Data amounts to digital surveillance that potentially results in unwanted personal disclosures, identity theft, and discrimination in contexts such as employment, housing, and financial services. These advocates and activists say typical consumers and internet users do not understand the extent to which their activities generate data that is being collected, analyzed, and put to use for varied governmental and business purposes.I have argued elsewhere that individuals have a moral obligation to respect not only other people’s privacy but also their own. Here, I wish to comment first on whether the notion that individuals have a moral obligation to protect their own information privacy is rendered utterly implausible by current and likely future Big Data practices; and on whether a conception of an ethical duty to self-help in the Big Data context may be more pragmatically framed as a duty to be part of collective actions encouraging business and government to adopt more robust privacy protections and data security measures.

PhishMonger: A free and open source public archive of real-world phishing websites

Abstract: The number of active, online phishing websites continues to grow unabated in recent years. This has created an ever-increasing security risk for both individual and enterprise users in terms of identity theft, malware, financial loss, etc. Although resources exist for tracking, cataloguing, and blacklisting these types of sites (e.g., PhishTank.com), the ephemeral nature of phishing websites makes in-depth analysis exceptionally difficult. In order to better understand how these phishing sites exploit user and system weaknesses, we have crafted a platform named PhishMonger for capturing live phishing websites in real-time on an ever-present, rolling basis, which we outline in this paper. Moreover, we present details regarding our growing database of verified phishing websites, which currently encompasses over 88,754 sites, spanning 10,956,415 files and folders, utilizing 108GB of compressed storage. We offer recommendations on how this corpus can be leveraged by the cybersecurity and security informatics research communities to examine several important research problems.

A novel machine learning approach to the detection of identity theft in social networks based on emulated attack instances and support vector machines

Abstract: The proliferation of social networks and their usage by a wide spectrum of user profiles has been specially notable in the last decade. A social network is frequently conceived as a strongly interlinked community of users, each featuring a compact neighborhood tightly and actively connected through different communication flows. This realm unleashes a rich substrate for a myriad of malicious activities aimed at unauthorizedly profiting from the user itself or from his/her social circle. This manuscript elaborates on a practical approach for the detection of identity theft in social networks, by which the credentials of a certain user are stolen and used without permission by the attacker for its own benefit. The proposed scheme detects identity thefts by exclusively analyzing connection time traces of the account being tested in a nonintrusive manner. The manuscript formulates the detection of this attack as a binary classification problem, which is tackled by means of a support vector classifier applied over features inferred from the original connection time traces of the user. Simulation results are discussed in depth toward elucidating the potentiality of the proposed system as the first step of a more involved impersonation detection framework, also relying on connectivity patterns and elements from language processing. Copyright © 2015 John Wiley & Sons, Ltd.

Ghost Workers: The Implications of Governing Immigration Through Crime for Migrant Workplaces

Abstract: Based on interviews and fieldwork in a migrant farmworking community in California's Central Valley, this article examines the phenomenon of “identity masking” and its implications for workers’ labor conditions. It shows that labor supervisors often take advantage of unauthorized migrants’ and minors’ legal ineligibility for employment by making their employment contingent upon working a set of loaned identity documents. In doing so, employers render these groups “ghost workers”—that is, they simultaneously obscure their presence from the state and federal governments while benefitting from the wage deductions associated with such prohibited workers’ labor. By calling attention to on-the-ground practices of document circulation, this article thus critiques the charges of “identity theft” often levied against unauthorized migrants during worksite raids. Yet the common practice of “identity masking” not only directly benefits supervisors as individuals, but also makes injured “ghost workers” disappear. As employers wield the threat of implicating such workers in “identity theft” to suppress their workers’ compensation claims, this article illustrates the implications of the trend towards “governing immigration through crime” (Dowling and Inda 2013) on the migrant labor force.

Predicting and explaining identity risk, exposure and cost using the ecosystem of identity attributes

Abstract: Personally Identifiable Information (PII) is commonly used in both the physical and cyber worlds to perform personal authentication. A 2014 Department of Justice report estimated that roughly 7% of American households reported some type of identity theft in the previous year, involving the theft and fraudulent use of such PII. Establishing a comprehensive map of PII attributes and their relationships is a fundamental first step to protect users from identity theft. In this paper, we present the mathematical representation and implementation of a model of Personally Identifiable Information attributes for people, named Identity Ecosystem. Each PII attribute (e.g., name, age, and Social Security Number) is modeled as a graph node. Probabilistic relationships between PII attributes are modeled as graph edges. We have implemented this Identity Ecosystem model as a Bayesian Belief Network (with cycles allowed) and we use Gibb's Sampling to approximate the posteriors in our model. We populated the model from two sources of information: 1) actual theft and fraud cases; and 2) experts' estimates. We have utilized our Identity Ecosystem implementation to predict as well as to explain the risk of losing PII and the liability associated with fraudulent use of these PII attributes. For better human understanding of the complex identity ecosystem, we also provide a 3D visualization of the Identity Ecosystem model and queries executed on the model. This research aims to advance a fundamental understanding of PII attributes and leads to better methods for preventing identity theft and fraud.

CyberProtector: Identifying Compromised URLs in Electronic Mails with Bayesian Classification

Abstract: Embedding malicious URLs in e-mails is one of the most common web threats facing the internet community today. Malicious URLs have been widely used to mount various cyber-attacks like spear phishing, pharming, phishing and malware. By falsely claiming to be a trustworthy entity, users are lured into clicking on these compromised links to divulge vital information such as usernames, passwords, or credit card details and unknowingly succumb to identity theft. Hence, the detection of malicious URLs in e-mails is very essential so as to help internet users implement safe practices and as well prevent them from becoming victims of fraud. This paper explores how malicious links in e-mails can be detected from the lexical and host-based features of their URLs to protect users from identity theft attacks. This research uses Naive Bayesian classifier as a probabilistic model to detect if a URL is malicious or legitimate. The Naive Bayesian classifier is used to count up the occurrence of each feature in an e-mail and calculate the cumulative score. If the cumulative score is greater than the given threshold, the URL is considered malicious otherwise the URL is legitimate.

Improving responses to online fraud victims: An examination of reporting and support

Abstract: Online fraud poses a substantial threat to the financial and overall wellbeing of Australians. This research examines the reporting experiences and support needs of 80 victims of online fraud across Australia, who reported losses of at least AUD$10,000 to the Australian Competition and Consumer Commission. The findings highlight the many difficulties and challenges faced by victims in attempting to report their incident and document their overwhelmingly negative experiences with agencies across the “fraud justice network”. The report also highlights the devastating impact that online fraud can have on individual victims and the lack of support services available to assist with recovery. Overall, these findings demonstrate the need to more effectively respond to online fraud victims from within the “fraud justice network”. Additionally, they illustrate the need to provide more adequate support mechanisms, which seek to counter the negativity, victim blaming, shame and stigma associated with this particular crime type.

From “Deportability” to “Denounce-ability:” New Forms of Labor Subordination in an Era of Governing Immigration Through Crime

Abstract: The highly publicized 2008 Immigration & Customs Enforcement (ICE) worksite raid in Postville, Iowa, signaled a new strategy in interior immigration enforcement. Rather than merely deport the unauthorized workers it apprehended, ICE arrested them on charges of working under stolen documents (aggravated identity theft) and invented Social Security numbers (Social Security fraud) and imprisoned them prior to their deportation. Drawing on interviews with forty-five migrant farmworkers and six labor supervisors in a migrant farmworking community in California's Central Valley, this article explores how unauthorized migrants obtain the work documents they must provide to labor supervisors in order to work. This article shows that the poverty and marginalization of migrant communities has led to the mutually beneficial exchange of work authorization documents between donors with legal status and recipients without legal status. Using ethnography to recontextualize these document loans, this article offers an alternative interpretation of the criminal charges levied in Postville. Because voluntary document exchanges may be misrepresented as involuntary theft, labor supervisors use their knowledge of identity loan to suppress identity recipients’ workers’ compensation claims. This article examines the effect of the criminalization of immigration on labor discipline, suggests that migrant “denounce-ability” has joined migrant “deportability” as a powerful new tool of labor subordination.

Hardware security: From concept to application

Abstract: With the advent of the Internet of Things (IoT), electronics devices are everywhere in our lives. This omnipresence implies a growing of security issues (data or identity theft, hostile takeover of sensitive equipments…). To counter security vulnerabilities, “Security by Design” methods are being developed. It advises to think about security from the beginning of the conception at both software and hardware levels. Therefore, it is necessary to create new pedagogical support to form engineers to this method. In this context, the French national coordination for microelectronics education has launched a program targeting hardware security instruction. Four main courses were developed addressing students from high-school level to PhD level. This paper presents the three-day Master/PhD training which includes theoretical lectures and practical labs. Since 2014, more than 1000 students have followed this training.

Detection and Response of Identity Theft within a Company Utilizing Location Information

Abstract: Accidents of information leakage and system hacking caused by identity theft in the organization/company have happened frequently. Many companies make a lot of efforts to prevent account theft such as access control, multi-factor authentication, encryption, and response to malicious code. It is not easy to apply them to the company because of less efficiency and inconvenience. In this paper, countermeasure against the threat of hacking is presented with the methods which is low-cost and with low false detection. The methods do not infringe privacy and decrease the efficiency of work through detection of identity theft by utilizing the physical information of employees.

Risk Kit: Highlighting Vulnerable Identity Assets for Specific Age Groups

Abstract: Identity theft is perhaps the defining crime of the information age. Identity theft threatens various demographics, but some age groups, e.g., senior citizens, are particularly vulnerable. In this paper, we study how identity theft puts different personally identifiable information (PII) assets at risk of exposure, and how this risk changes throughout one's lifecycle. We categorize PII assets, introducing a fourth novel category, measure their exposure risk using the Identity Theft Assessment and Prediction (ITAP) repository of over 3,000 identity theft cases, and track the risk change throughout an individual's lifecycle. We introduce the concept of PII Balance Sheets, and finally, we present a free publicly available Android app that demonstrates our research results. This app not only educates individuals and highlights their vulnerable identity assets, but also is useful when they make the decision of whether or not to share their personally identifiable information.

Data Breach Notification Laws

Abstract: Richard J. Sullivan and Jesse Leigh Maniff study individual provisions within states' data breach notification laws to evaluate their effects on identity theft.

Identifying Business Risk Factors of Identity Theft

Abstract: Identifying Business Risk Factors of Identity Theft by Robert K. Minniti MBA, DeVry University, 2003 BSBA, University of Phoenix, 1992 Doctoral Study Submitted in Partial Fulfillment of the Requirements for the Degree of Doctor of Business Administration Walden University October 2016 Abstract Businesses are under pressure to identify and control risks affecting profitability, including the risk of fraud. Identity theft, a type of fraud, costs businesses, governments, and individuals in excess of $56 billion a year. In order to develop good internal controls to help prevent and detect fraud, it is necessary to identify the risks to the business, but business owners are not always aware of what risk factors relate to identity theft. A nonexperimental research design formed the basis of this research study. The population for this study was data from all 50 U.S. states, represented via government databases maintained by the Federal Trade Commission, the U.S. Census Bureau, and the Department of Labor from all 50 U.S. states from 2008 until 2014. The fraud triangle theory formed the theoretical framework for this study. Regression analysis determined the significance of relationships between state-specific instances of international immigration, state-specific unemployment rates, and state-specific instances of identity theft. Both state-specific instances of international immigration and state-specific unemployment rates demonstrated a significant and positive relationship with instances of identity theft. The implications for positive social change include improvedBusinesses are under pressure to identify and control risks affecting profitability, including the risk of fraud. Identity theft, a type of fraud, costs businesses, governments, and individuals in excess of $56 billion a year. In order to develop good internal controls to help prevent and detect fraud, it is necessary to identify the risks to the business, but business owners are not always aware of what risk factors relate to identity theft. A nonexperimental research design formed the basis of this research study. The population for this study was data from all 50 U.S. states, represented via government databases maintained by the Federal Trade Commission, the U.S. Census Bureau, and the Department of Labor from all 50 U.S. states from 2008 until 2014. The fraud triangle theory formed the theoretical framework for this study. Regression analysis determined the significance of relationships between state-specific instances of international immigration, state-specific unemployment rates, and state-specific instances of identity theft. Both state-specific instances of international immigration and state-specific unemployment rates demonstrated a significant and positive relationship with instances of identity theft. The implications for positive social change include improved understanding of risk factors for identity theft, which could lead to lower costs of operation for businesses and lower prices for consumers. Identifying Business Risk Factors of Identity Theft by Robert K. Minniti MBA, DeVry University, 2003 BSBA, University of Phoenix, 1992 Doctoral Study Submitted in Partial Fulfillment of the Requirements for the Degree of Doctor of Business Administration Walden University October 2016 Dedication I would like to dedicate this study to my father, Alfred D. Minniti, who is a second generation American and a Bronze Star recipient for his service in the Vietnam War. He taught me that it is possible to attain any goal as long as you work hard for what you want. Acknowledgments I would like to acknowledge that this study would not have been possible without the guidance, mentoring, and support I received from Dr. Roger Mayer. Several individuals from Walden University whom I will not mention led me down the wrong paths during my studies. Dr. Mayer was able to show me the correct path and was invaluable to me as a mentor and guide.

Cybercrime - The Emerging Threat to the Financial Services Sector in Zimbabwe

Abstract: The proliferation of Information and Communication Technology (ICT) has resulted in the change of different aspects of human life, bringing convenience and simplicity to our lives. It has taken domain in the different business sectors inclusive of the financial institutions. However it has come with its own share of problems, which have become a major concern to business organisations. This study, which was confined to four financial institutions in Harare, was aimed at investigating the prevalence of cybercrime in financial institutions. A total of 48 respondents drawn from four commercial banks were invited to participate using stratified random sampling and purposive sampling techniques, with the questionnaire and in-depth interviews as the key research instruments. The study revealed hacking, phishing, identity theft and malware to be amongst the types of cybercrime in banks. Though financial institutions are putting cyber security systems in place to curb the scourge, the preventive measures are being out- paced by technological advancement. DOI: 10.5901/mjss.2016.v7n3s1p135

Cybercrimes: an overview of contemporary challenges and impending threats

Abstract: The increase in technology-based devices and Internet capabilities presents an inevitable demand to police computer-perpetrated crimes more than ever. However, an understanding of the prevalence of cybercrimes and the research about the motivation behind these crimes is limited. Law enforcement agencies and digital forensic analysts face extraordinary challenges that hopefully can be met with specialized training, improved and increased resources, along with interagency cooperation, in an effort to combat these crimes. In brief, this chapter focuses on some of the most current cybercrimes such as hacking, identity theft and fraud, child sexual exploitation and online pornography, as well as cyberstalking and digital harassment. Future threats are addressed, and the chapter ends with a discussion about future issues for law enforcement and digital forensic professionals.