file000159

Module XLVI - Investigating Identity Theft Cases

EC-CouncilCopyright © by EC-Council

All Rights Reserved. Reproduction is Strictly Prohibited

News: Five from ID Theft Ring Indicted for Using Bogus Credit Cards, Buying Meth

Source: http://www.rockymountainnews.com/

By Hector Gutierrez, Published November 5, 2008 at 7:30 p.m.

Five people have been indicted in an ID theft operation in which they allegedly used bogus credit cards and bought methamphetamines with the cash they got after reselling purchased items, Aurora police announced Wednesday.

The Denver grand jury returned indictments last week against the five charging them with numerous counts, including violating the Colorado Organized Crime Control Act, theft, forgery, identity theft and conspiracy to commit computer crime, forgery, and theft.

The ring's alleged leader, Shadwick Weaver, 35, was in custody in the Douglas County Jail when the indictment was handed down, police said. Weaver is facing 56 criminal counts and was being held on $500,000 bail.

Detectives from the police department's economic crimes unit and a crime analyst began investigating the group in April after the found out that they may have been involved in a variety of white-collar crimes in Aurora and the north Denver metro area, detective Robert Friel, police spokesman, said.

The group members allegedly got hold of victims' identities by burglarizing homes, breaking into cars and vehicle larceny, the detective said. The ring also possessed equipment that they used to manufacture documents such as counterfeit checks, credit cards, Social Security cards, drivers licenses, photo identities and employee badges. Detectives believe the group possessed about 300 such bogus documents, Friel said.

"We executed a search warrant and we believe we took away their tools that they were using to carry out the scheme," the detective said.



News: Woman Jailed for Stealing Identities

Source: http://www.faxts.com/

Written by FBI Tuesday, 21 October 2008 15:55

PHILADELPHIA - Jocelyn Kirsch, 23, of Novato, California, was sentenced today to five years in prison for her role in an extensive identity theft and fraud scheme, announced Acting United States Attorney Laurie Magid.

Kirsch pleaded guilty in July 2008, to conspiracy, aggravated identity theft, access device fraud, bank fraud, and money laundering. Between November 2006 and November 30, 2007, Kirsch and co-defendant Edward Anderton stole identity information, credit cards, and credit card account information from numerous victims, including friends, co-workers, neighbors, fellow students, bar patrons, and others, and used those stolen materials extensively to buy merchandise and obtain cash. Anderton pleaded guilty in June 2008 and is scheduled for sentencing on November 14, 2008. In addition to the prison terms, United States District Court Judge Eduardo Robreno ordered Kirsch to pay $101,033 restitution, a $600 special assessment, and to complete five years of supervised release.

Over the course of a year, defendants Anderton and Kirsch used the identities of more than 16 victims in numerous illegal transactions to obtain more than $119,000 in cash and merchandise. They also made failed attempts to obtain more than $122,000 in additional cash and merchandise. The defendants used the proceeds of their fraud scheme to help fund their lavish lifestyle that included trips to Florida, Paris, Hawaii, Montreal, and the Turks and Caicos Islands in the Caribbean.

The case was investigated by the Federal Bureau of Investigation, the United States Postal Inspection Service, the Philadelphia Police Department, The University of Pennsylvania Police Department, and the Philadelphia District Attorney’s Office. It was prosecuted by Assistant United States Attorney Louis D. Lappen and Special Assistant United States Attorney Lisa Caulfield.



Module Objective

• Identity Theft• Who Commits Identity Theft• How Criminals Get Information• Techniques Used By Criminals• How Does a Criminal Use Information?• Investigating Identity Theft• Identity Theft Laws• Protection From Identity Theft

This module will familiarize you with:



Module Flow

Identity Theft

Who Commits Identity Theft

How Criminals Get Information

Techniques Used By Criminals

How Does a Criminal Use Information?

Investigating Identity Theft

Identity Theft Laws

Protection From Identity Theft



Identity Theft



Identity Theft

Identity theft is an unauthorized use of others’ personal information for fraudulent or unlawful activities

Identity thieves steal name and reputation and use them for their own financial gain

It causes serious breaches of privacy



Identifying Information

Names (current or former)

Social Security numbers

Driver’s license numbers

Bank account/credit card numbers

Birth dates

Residential and/or work address

Tax identification numbers

Medical identifications



Identity Theft Statistics for 2007

FTC received 813,899 consumer fraud and identity theft complaints

Credit card fraud (23%) was the most common form of reported identity theft followed by phone or utilities fraud (18%), employment fraud (14%), and bank fraud (13%)

Other significant categories of identity theft reported by victims were government documents/benefits fraud (11%) and loan fraud (5%)



Identity Theft Complaints by Age of the Consumer



Examples of Identity Theft

A person is not able to renew his/her Driving License or register to vote due to crimes committed in his/her name by another person

People have been denied employment or fired when a criminal record showed on the background check which was done by another person



Who Commits Identity Theft

Professional thieves

Strangers

Family members and relatives

Friends/acquaintances

Co-Employees



How Criminals Get Information

Stealing files from work places, shops, medical services, banks, etc.

Stealing wallet or purse

Stealing information from home or car

Stealing information from mail ( Bank and credit card statements, checks, loan pre-approvals, tax information )

Scam phone calls where a stranger asks for personal or financial information

Hacking into an organization’s computers

Conning information out of employees

Bribing an employee who has access to records



How Personal Information was Stolen: Statistics



Techniques Used by Criminals

Non technological methods:

• Dumpster diving• Shoulder surfing • Telemarketing scams• Bribing or inserting dishonest employees• Mail theft/interception• Masquerading and Social hacking

Technological methods:

• Credit card skimming• Spy cameras in ATMs• Phishing and Pharming• Wireless communication interception• Software ( Viruses/Hijacking and Spyware)



How Does a Criminal use Information?

Obtains new credit cards and makes changes to the existing bank accounts

Goes on a spending spree with the stolen credit cards and identification

Changes the credit cards’ mailing address

Obtains personal, student, car, and mortgage loans

Gets job using the victim’s name and social security number

Obtains wireless telephone equipment or services

Files fraudulent tax returns



FTC Consumer Sentinel

Consumer Sentinel is an investigative cyber tool which provides members of the Consumer Sentinel Network to access millions of consumer complaints

It includes complaints about:

• Identity theft • Computers, the Internet, and online auctions • Telemarketing scams • Advance-fee loans and credit scams• Sweepstakes, lotteries, and prizes • Business opportunities and work-at-home schemes • Debt collection, credit reports, and financial matters



FTC Consumer Sentinel: Screenshot 1



FTC Consumer Sentinel: Screenshot 2



Identity Theft Movies




Interview the victim

Get the credit reports

Collect information about online activities of the victim

Collect information about the websites where victim has disclosed personal information

Search the FTC consumer sentinel

Collect information from point of sale

Collect information from courier services

Get call records from service providers if stolen identity is used to obtain phone service

Search the suspect’s address

Obtain search and seize warrant

Seize the computer and mobile devices from suspects

Collect the browser’s information from the suspect’s computer



Interview the Victim

Enquire about how the identity was stolen

Ask when the victim first suspected that the identity was stolen

Ask whether the victim uses his/her identity online

Enquire about victim’s work place security policies

Note all the details collected from the victim

Provide a copy of the incident report to the victim to straighten out credit histories



Get the Credit Reports

For every consumer transactions, credit reports and credit scores are used

Get the credit report on the victim’s name and check it properly

Credit reports are supplied by:

• Equifax: http://www.equifax.com• Experian: http://www.experian.com/• TransUnion: http://www.transunion.com/



Sample Credit Report



Collect Information About Online Activities of Victim

Check the victim’s online activities

Check whether the victim has answered any spam mail

Check whether he/she is an victim of the phishing site

Collect the browsing history, cookies, cache, search history, offline website data, and all the available information from the victim’s computer



Collect Information About the Websites Where Victim Has Disclosed Personal Information

If the victim has given sensitive information online, check for the websites address

Check the website details using:

• http://www.whois.net/• http://centralops.net/co/

Information regarding any website (currently down) since its launch can be found at:

• http://www.archive.org/

Investigate the website’s security policies



http://www.whois.net/



http://centralops.net/co/



http://www.archive.org/



Search the FTC Consumer Sentinel

Consumer Sentinel is a secure online database of millions of consumer complaints

Any federal, state, or local law enforcement agency can access the Consumer Sentinel

Search and study similar type of cases (Gives an idea how past cases are solved)



Collect Information from Point of Sale

Check whether the thief has purchased any goods in person

Collect all the details about the thief from the merchant

Collect the photos and video tapes if any from the cameras installed at the merchant’s place

Check for any contact information given to the merchant (mailing address or phone numbers )

Check how the merchandise is delivered



Collect Information from Courier Services

Check whether the thief has bought any goods online (By checking the credit card bills)

If so, contact the vendors and check how the goods are delivered

Collect the mailing addresses, telephone numbers, and courier service details

Bogus addresses may also be useful as the identity thief uses same bogus address in multiple crimes

Contact the courier services and collect the information from the delivery persons

• Obtain the package delivery history• Get a brief idea about the person to whom the goods are delivered



Get Call Records from Service Providers if Stolen Identity is Used to Obtain Phone Service

• Contact service providers and check the applications• Get the call records• Trap the most communicated phone numbers

If the stolen identity is used to obtain the phone service:



Search the Suspect’s Address

Check for the suspect’s address

Check the suspect’s criminal history to see if he/she is involved in a similar fraud in the past

Check the suspect’s trash to get any bills, vouchers, covers or envelopes, etc.

If the suspect is from other jurisdiction or operating in other jurisdiction, contact other law enforcement agencies where he/she lives



Obtain Search and Seize Warrant

If any person is susceptible, provide all the clues in the court

Obtain search and seize warrant for further investigation



Seize the Computer and Mobile Devices from Suspects

Seize the computer, cell phones, and other electronic equipment from suspect’s home

Search the suspect’s home and surroundings

Seize all the credit cards, bank notes, check books, etc. which is on the victim’s name



Collect the Browser Information from Suspect’s Computer

• Browsing information• Search history• Cache• Cookies• Offline website data• Authentication sessions

After seizing the suspect’s computer, check for:



Identity Theft Laws



United States: Federal Identity Theft and Assumption Deterrence Act of 1998

18 U.S.C. § 1028(a)(7) Federal law was passed in 1998

Prohibits “knowingly transfers or uses, without lawful authority, a means of identification of another person with the intent to commit, or to aid or abet, any unlawful activity that constitutes a violation of Federal law, or that constitutes a felony under any applicable State or local law”



Unites States Federal Laws

18 U.S.C. § 1028 – Identification Fraud

18 U.S.C. § 1029 – Credit Card Fraud

18 U.S.C. § 1030 – Computer Fraud

18 U.S.C. § 1341 – Mail Fraud

18 U.S.C. § 1343 – Wire Fraud

18 U.S.C. § 1344 – Financial Institution Fraud

18 U.S.C. § 1708 – Mail Theft

18 U.S.C. § 1546 – Immigration Document Fraud



Australia

According to Commonwealth level, under the Criminal Code Amendment Act 2000 which amended certain provisions within the Criminal Code Act 1995,

135.1 General dishonesty

Obtaining a gain

(1) A person is guilty of an offense if:

(a) the person does anything with the intention of dishonestly obtaining benefit from another person; and

(b) the other person is a Commonwealth entity

Penalty: Imprisonment for 5 years



Canada

Under the section 403 of the Criminal Code of Canada,every one who fraudulently personates any person, living or dead,

(a) with intent to gain advantage for himself or another person,(b) with intent to obtain any property or an interest in any property, or(c) with intent to cause disadvantage to the person whom he personates or another person, is guilty of an indictable offense and liable to imprisonment for a term not exceeding ten years or an offense punishable on summary conviction



Hong Kong

THEFT ORDINANCE - CHAPTER 210SEC 16AIf any person by any deceit (whether or not the deceit is the sole or main inducement) and with intent to defraud induces another person to commit an act or make an omission, which results either-

(a) in benefit to any person other than the second-mentioned person; or (b) in prejudice or a substantial risk of prejudice to any person other than the first-mentioned person, the first-mentioned person commits the offense of fraud and is liable on conviction upon indictment to imprisonment for 14 years



United Kingdom

Data Protection Act protects the personal data in United Kingdom

It covers all personal data which an organization may hold, including names, birthday and anniversary dates, addresses, telephone numbers, etc.



Protection From Identity Theft



Protection from ID Theft

Check bank account balances regularly

Order the credit reports and review carefully

Check SSA Annual Earnings Statement

Secure all the personal information

Never leave sensitive information in vehicles

Use strong passwords for logging into bank accounts and computers

Enquire about security policies at workplace



Protection from ID Theft (cont’d)

Never use public computers for accessing sensitive information

Do not provide personal information over the phone, Internet, or through the mail

Guard mails and trashcans from theft

Pay attention to billing cycles

Keep virus protection and security suite software updated



What Should Victims Do?

Report to local police and get a copy of report

Call fraud departments of CRAs and get fraud alerts and victim statements placed on credit reports

Contact creditors fraud departments, report fraudulent accounts, and charges

Notify each creditor in writing about the identity fraud



Resources for Victims

www.consumer.gov/idtheft or www.ftc.gov

1-877-ID-THEFT or 1-877-438-4338

www.identitytheft.org

www.idtheftcenter.org

www.privacyrights.org

US Trustees – for bankruptcy (http://www.usdoj.gov/ust/)

Social Security Office of Inspector General (http://www.ssa.gov/oig/)



Summary

Identity theft is the theft or unauthorized use of others’ personal identifying information for fraudulent or unlawful activities

Criminals steal files from work places, shops, medical services, banks, etc.

Obtain new credit cards and make changes to the existing bank accounts

Check whether the victim has answered any spam mail redirecting him/her to the phishing sites

If the victim has given sensitive information online, investigate such website’s address

Collect the photos and video tapes if any from the cameras installed at the merchant’s place

Obtain search and seize warrant for further investigation

Never use public computers for accessing sensitive information

file000159

Technology

aggravated identity

extensive identity theft

identity theft cases

identity information

module flow identity

eccouncil copyright

id theft ring

id theft operation