Abstract
The explosion of the internet has given rise to cybercrimes, online identity theft, and fraud. With the internet, these crimes are able to occur anywhere in the world and limitless to whatever selected target. The anonymity of the internet allows criminal activity to flourish, and the number of unsuspecting victims is growing. From script kiddies to nation-states, this new method of internet-enabled crimes has strained governments. This chapter provides insight into how crimes related to online identity theft and fraud are carried out. Examined within this chapter are the evolution of cybercrime, history of identity theft, applications for internet anonymity, and discussion on effects caused by romance scams and data breaches. Finally, recommendations are provided on what organizations and individuals can do to protect themselves against these vicious crimes.
TopBackground: Definition And The Rise Of Cybercrime
Cybersecurity has gone through several changes that have presented new challenges in recent years, complicated by the rise of cybercrime. The technological advancements associated with the mass implementation of the Internet of Things (IoT) and Internet connectivity to everyday devices have led to an explosion in cyber-attacks such as breaches resulting in millions of accounts being compromised (Dawson et al., 2016). Bad actors such as those focused on criminal activities regarding human trafficking and espionage navigate the technology domains to circumvent law enforcement agencies globally. We must understand how exploitation, circumvention, and defense needs to occur in order to assure security. The threat landscape has shifted, and defenders have to become knowledgeable about how the cyber domain crosses into various areas. The traditional thinking of protecting enterprise systems locked away in a building is no longer applicable.
Executive Orders (EO), laws, policies, doctrines, and other directives have shaped the landscape of Cybersecurity. New EOs have been released that allow a cyber-attack with responsive measures such as one that involves military force. Laws created that impose rights for Personal Identifiable Information (PII) being breached, leaving millions of individuals unprotected. One of these most well-known items is the General Data Protection Regulation (GDPR) as it relates to the European Union (EU) and the evolving threats with hyper connectivity (Martínez, 2019a; Martínez, 2019b). Understanding the role of cybercrime and how it continues to shape the technological landscape is critical. These various actions change the spectrum regarding combating nefarious actors or design errors that leave systems susceptible to threats.
In today’s world of ever-changing technological advances, maintaining the safety and security of personal and sensitive information via the Internet is increasingly at the forefront for most industries and government authorities alike. As a result, the prevention of cybercrime is generally the initial starting point for these agencies. To understand the significance and prevalence of cybercrime, it is necessary to begin with defining this term. In the initial instance, cybercrime may also be referred to as “computer crime,” which is defined as a crime perpetrated using a computer, or with knowledge of computer technology, generally through theft of computer data (Black’s Law Dictionary, 2019). Thus, an essential element of cybercrime is the use of computer technology. Since computer technology as a phenomenon is a creature of the late twentieth century it follows that the emphasis on and prosecution of cybercrime would develop around the same timeframe (Rafay, 2019).
Accordingly, beginning with the 1980’s, Congress passed a series of criminal laws and amendments to “criminalize the conduct of computer ‘hackers’ and similar abusers of computer systems or programs” (Business Crimes, 2013). These legislative efforts reflected the sentiment among federal lawmakers as to the importance of protecting information and computers from criminal conduct. However, much of the impetus for laws that would become the initial national attempts to regulate cybercrime ironically developed primarily from the desire to create clarity as to the fourth amendment privacy protections for electronic information. This is true despite the statements by members of Congress that it was necessary to prevent hackers and to stop what they termed would be a “new breed” of criminal, one using computer technology to steal information and commit new crimes (API Tech Servs., LLC v. Francis, 2013).
Key Terms in this Chapter
Dark Web: The hidden layer of the Internet comprising of sites that are only accessible with specific technologies and encryption processes to protect the identity of the individual browsing or posting content.
Identity Fraud: The fraudulent use of illegally acquired personal information of an individual. It is generally interchangeably used with identity theft.
Social engineering: The art of influencing and manipulating an individual into acting a certain way that they may or may not intend to do otherwise, and that may or may not be in their best interest.
Data Breach: The unauthorized access and dissemination of data sourced from corporate databases. Data breaches can happen either via exploiting a technical vulnerability, or by human factors, such as social engineering or insider threat.
Cryptocurrency: A digital currency secured by cryptography and managed by blockchain technology that is run on distributed computer networks.
Identity theft: The unauthorized access or stealing of an individual’s personal information, such as Social Security Number, name, or credit card information by an outside party. It is generally used interchangeably with identify fraud.
Romance Scam: The activity of establishing an online romantic relationship with an individual based on false pretenses, using a fake identity, with the goals of later exploiting them for financial gain.