Combating Identity Theft

There was a time when online identity theft was largely the domain of hackers who were challenged by the task of stealing identities and then reusing them for their own fun. The thought was scary for some, but wasn’t nearly as threatening as the new breed of criminals who have set out to use those identities to rake in billions of dollars a year.

“Criminal hackers have changed their motivation,” says Robert Siciliano, a Boston-based identity theft expert and consultant. “They used to steal identities for fun and fame, and now they’re doing it for financial gain.”

The numbers back up Siciliano’s warning: According to the Federal Trade Commission, one in six Americans were victims of identity theft in 2008, with 9.93 million people having had some type of identity theft crime committed against them within the past 12 months.

One of the most popular ways that thieves steal personal information is through a scam called phishing, which begins with an e-mail to potential victims that appears to come from a legitimate business, such as a bank or a software company. The message asks the recipient to submit credit card information, social security numbers, bank account information, or additional personal data under a false pretense.

“This pretense is often a money-making opportunity, but it might also be a seemingly routine request to verify personal information,” says Jay Opperman, senior director of security and privacy for Comcast in Philadelphia. “The scammer’s e-mail may even include a link to a legitimate-looking Web site to capture this information.”

According to the National Cyber Security Alliance, bots (also known as Web robots) are the Internet’s fastest-growing cyber crime right now. Using them, thieves are able to collect personal data from unsuspecting victims. “If a computer gets infected with a bot, it can steal credit card information, bank account information, sensitive business data, and social security numbers, which can lead to identity theft,” Opperman says.

With the holiday season in full swing — and with a high number of consumers expected to go online to search for bargains this year — the thieves are lurking everywhere. “They could be sitting outside of your home or office, monitoring your Internet transactions via wireless Web connections, tapped into your Internet Service Provider’s server, or infiltrating retail Websites, where you’re conducting transactions,” Siciliano says.

So how does one go about enjoying the information- and bargain-rich Internet in a way that doesn’t compromise his or her identity? According to Opperman, the first step is to install, use, and update a reputable antivirus program such as MacAfee or Norton. That strategy alone can help detect any viruses (such as bots) that thieves would use to steal identities.

Anti-phishing software is equally as important, and is also available from the antivirus software developers. Such applications help ward off criminals that disguise themselves as legitimate retailers or financial institutions, and that whisk unsuspecting consumers off to the criminals’ Websites from which they can collect sensitive personal information. “Using anti-phishing software that resides on your toolbar, you’ll know immediately that