The Socio-Economic Impact of Identity Theft and Cybercrime: Preventive Measures and Solutions

The Socio-Economic Impact of Identity Theft and Cybercrime: Preventive Measures and Solutions

Nabie Y. Conteh, Quinnesha N. Staton
DOI: 10.4018/978-1-7998-6504-9.ch009
OnDemand:
(Individual Chapters)
Available
$33.75
List Price: $37.50
10% Discount:-$3.75
TOTAL SAVINGS: $3.75

Abstract

The purpose of this chapter is to explore and address the socio-economic impact of identity thefts and cybercrime in general. The chapter will further explain the various ways employed in their implementation. The chapter will also put forward ways to prevent the threats and vulnerabilities of the attacks. The study will also recommend solutions to stop and/or mitigate the consequences of cyber-thefts. The study will define social engineering as well as provide various social engineering tactic. The chapter will also discuss the reasons for the rise in cybercrime. Such reasons will include financial gain, revenge, as well as non-financial gains. Also cited are examples that demonstrate the capabilities of cybercriminal. The chapter will also provide justification for the reasons behind the cumbersome task and failure in instituting a lasting solution to the criminal activities. Finally, this chapter will close with a conclusion on the economic implications of social engineering on the general cyberwar on cybercrime at the national and global levels.
Chapter Preview
Top

2. What Is Social Engineering?

  • The article “Social Engineering: The Basics” (Goodchild, 2012) defines social engineering as being able to gaining access to property (buildings, systems or data) by exploiting the human psyche, rather than by breaking in or hacking. According to (Heary, n.d.), social engineering is defined as any act that influences a person to take an action that may or may not be in their best interest. But social engineering is much more than that. Social engineering focuses on the psychological, physiological and technological aspects of influencing people. There are several types of social engineering attacks and they continue to evolve daily. Examples of these types of attacks are:

  • Familiarity Exploit: a person pretending to be an employee or a malicious employee trying to fit in and appear normal, to make everyone feel comfortable like they should be there. They make themselves familiar with those that they want to exploit. Unknowingly, that person lowers their guard, and eventually falls prey to the attacker. People react differently to people that they know or that they have been around. An example would be a social engineer tailgating into a secure area behind someone that they have become familiar with (The official social engineering portal - security through education, 2015).

  • Reading Body Language: The more experience a social engineer has the better they are. A good social engineer can read and respond to their victim’s body language and make connections with a person. They are able to recognize and adapt to emotions, and make their victim’s feel comfortable. For example, if a social engineer has learned the body language of their victim, they can make a connection with a person from being compassionate. That person is more likely to feel obligated to help the SE out and do small favors for them such as letting them in a lab not knowing if that person has access or not (The official social engineering portal - security through education, 2015).

  • Gathering and Using Information: The more information you have about your victim the more likely you are able to get what you want from them. Social engineers gather information from various resources whether it is traditional, non-traditional, or illegal. Traditional sources are public available sources that do not require illegal activity to obtain (Mickelberg, K., Pollard, N., & Schive, L. 2014). Examples of traditional sources are social networking sites such as LinkedIn, Facebook, or basic Google searches (The official social engineering portal - security through education, 2015). Non-traditional searches such as dumpster diving is legal and very common and often provide lots of information. Other methods to obtain information are by doing so illegally. Illegal ways to gather information are by gathering personal items such as security badges, uniforms, or smart phones from unlocked cars (The official social engineering portal - security through education, 2015). SE can also obtain information from malware, theft, and impersonating law enforcement or government agencies (Mickelberg, K., Pollard, N., & Schive, L. 2014).

Complete Chapter List

Search this Book:
Reset