Rough Definitions
from the Rogue’s Gallery
of False Identities
Identity Theft: Stealing someone else’s personal
information or impersonating them for purposes
ranging from financial theft to obtaining services to
concealment of other criminal activities.
Social Engineering: Using various forms of deception
and psychological manipulation to acquire
confidential information and/or gain unauthorized
access to data or systems or to get unwitting
sources to perform or assist in illicit activities.
Pretexting: A type of social engineering in which a
perpetrator creates a scenario, frequently using a
false identity, to extract information or for other illegal activities.
Spoofing: Impersonating a person or organization in
a faked email, IP address or other communication
source for fraudulent purposes.
More resources:
Prevent Identity Theft in Your Business and also
Identity Fraud Investigations both by Judith Collins,
Ph.D., adjunct associate professor, School of
Criminal Justice, Michigan State University (both
published by John Wiley & Sons, Inc.)
The Truth About Identity Theft by Jim Stickley
(published by FT Press)
Stealing Your Life The Ultimate Identity Theft
Prevention Plan by Frank W. Abagnale (published by
Broaway Books)
• Be imaginative. We are
becoming increasingly aware
of protecting our identities,
but should start thinking more
imaginatively about how to safeguard them. Can we imagine
scenarios for how our identities
and autobiographies may be
used and misused in the future?
• Include irrationality. For some
of us, it can be difficult to understand or accept that people will
do bad things for no practical or
rational reason.
• Find strength in community. There is no substitute for
strengthening ties online and in
the real world to people we know
and trust.
• Create anti-counterfeiting
measures. What are the possibilities of “watermarking” our Web
presences?
• Balance risk and reward. How
can we strengthen and protect
our online identities without stifling self-expression? Can online
identity protection be taken too
far and be overly engineered?
• Pursue justice 2.0. Our legal
system is behind our technology.
What can be done to update legislation to prevent abuse?
• Don’t be complacent. We need
to pay attention to our online
identities and those of the people
we care about.
March + April 2009
Schneier On Security by Bruce Schneier (published
by Wiley Publishing)
Googling Security by Greg Conti (published by
Addison-Wesley)
http://www.idtheftcenter.org
http://www.idtheft.gov
http://www.ic3.gov/default.aspx
http://www.ftc.gov/bcp/edu/microsites/idtheft
context of privacy, paradoxically,
privacy may also be part of the
problem. Consider a jammed road
in a large city center. Drivers converge in close proximity in a fluid
public space. The sense of privacy in interacting with others,
give some license, so to speak,
to act in ways they would not if
they knew the other individuals
involved or were more exposed
themselves. On the whole, the
system works. But as we all know,
the semi-anonymous interactions
bring out problematic behaviors
in a small percentage, although
it may often seem small enough
to not present a serious problem.
That may be the case, but if you
bear the brunt of someone’s road
rage, it suddenly can be very significant. On the Internet, we mingle with some people known to
us and many more who are not.
We are visible, but only partially
so. This environment makes it
easier for others to mimic traces
of our identity, and gives them
the ability to hide the sources of
the information.
Perhaps a key to identity
protection is not just about
increasing privacy, but also
about building real community.
The case I was involved in was
solved by a range of people with
different skills and interests
who came together. It was also
about good friends and colleagues watching out for each
other in this environment.
Here are some of the other lessons I learned in my exploration
of identity theft.
• Look closely. A cheap imitation of an expensive watch, at a
distance, may look like the real
thing. Setting up a false, but
superficially plausible, identity
online requires very little time
and effort.
ABOUT THE AUTHOR
Hunter Whitney is an interaction designer who has
worked for clients ranging
from Microsoft, Intel, and
Yahoo to the Monterey Bay
Aquarium and National Cancer Institute. He
is also a journalist, who has covered topics
ranging from health and medicine to adventure travel for publications including Time,
the Los Angeles Times, the San Jose
Mercury News, Variety, and Omni. He is principal of Hunter Whitney & Associates, Inc.
Visit him at www.hunterwhitney.com.
DOI: 10.1145/1487632.1487641
© 2009 ACM 1072-5220/09/0300 $5.00