Welcome to WebmasterWorld Guest from

Forum Moderators: buckworks

Message Too Old, No Replies

Identity theft more prevalent offline than online

4:51 am on Feb 20, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member ergophobe is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Apr 25, 2002
votes: 283

Headline: New Research Shows That Identity Theft Is More Prevalent Offline with Paper than Online

SAN FRANCISCO, January 26, 2005 - The 2005 Identity Fraud Survey Report - released by the Better Business Bureau


A recent study form the Better Business Bureau shows that only 11.6% of identity fraud are computer crimes. Most result from stolen wallets or from friends and family who have access to personal information.

So trust Amazon, but not cousin Larry!

10:11 am on Feb 20, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member essex_boy is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:May 19, 2003
votes: 12

I have a problem here in Colchester - someone goes through the bin bags and take personal papers.

bank and credit card statements, I think teh press push teh inline side of things due to its unknown nature, just another variation on the big bad web.

10:21 am on Feb 20, 2005 (gmt 0)

Preferred Member

10+ Year Member

joined:Nov 5, 2002
votes: 0

"11.6% of identity fraud are computer crimes"
The amount of money that changes hands online is still a fraction of that offline.
Plus one hacker or phishing scheme could potentially steal thousands of id's. (hard for a dumpster diver)

Of course it sucks to be a victim no matter how you were victimized!

4:37 pm on Feb 20, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member ergophobe is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Apr 25, 2002
votes: 283

You're definitely right that there are a lot of uncontrolled variables in those numbers.

- relative numbers of transactions, as you point out (though keep in mind that computer fraud includes ATM fraud and is not just internet commerce; online transactions only account for about 2-3% of fraud in this study). That does make it hard to evaluate relative risk.

- the numbers concern only those who ultimately figured out how the attack happened. It's not clear to me how that would skew the numbers.

- one category is "online transaction" which could overlap with the category where information is misused by and individual at the company who obtained it.

On the second point, though, it doesn't matter whether phishing attacks can net thousands at once or not. What matters is your exposure to risk.

Every plane crash front page news. Since the numbers involved at once are (or can be) large, it tends to dominate our attention. Strangely, though, this is even true for plane crashes that only kill 20 or so. Meanwhile, a full 747 worth of women are killed by their boyfriends and husbands every month, generally without major headlines, while roughly a 747 full of people are killed on the highways every three or four days. Sure, lots more people are driving or have husbands and boyfriends at any time, but that's sort of the point - we tend to not fear that which is comfortable and familiar, regardless of the true risk (this is also one of the major factors in avalanche fatalities - people tend to be skiing/snowmobiling slopes they've done before).

Of course, because of problems with the data just mentioned, the analogy does run into trouble. We know that adjusted for relative exposure, the per hour risk from flying on a commercial aircraft is lower than the risk of driving in a car, so we can categorically say that the obsession with aircraft accidents is irrational. Since we don't have good control data, we can't make the same sorts of conclusions from the BBB study. It may in fact be the case that online transactions are more dangerous.

What I think is interesting, though, is that there is still a prevalent fear of giving out CC numbers online even on the part of people who otherwise hand out their CC willingly at grocery stores and gas stations and throw out their bank statements and tax information without shredding them. Even if e-comm is slightly less safe (and that's just for argument's sake), for most of these people the exposure to risk is far higher through other channels, yet the fear is lower. There is a disconnect there. Despite the problems already noted with the data, the BBB study is a means of answering those fears in a way similar to the transportation risk data. Unfortunately, crime statistics are notoriously hard to get good controls for, so we can never expect the same sort of quality as transportation data.

The main point, though, is that if people want to reduce their risk, the answer is to be careful who gets their CC number, online and off, and that means checking for an SSL connection and scanning for spyware, as well as shredding statements and keeping track of their wallets.

For those folks who depend on e-comm revenue (not me actually) and have to face skeptical customers, it is also useful information to allay the fears of customers and I think justifiably. Personally, I trust Amazon to handle my credit card info more carefully than I trust a given waiter who I don't know either and who dispappears into the back with my CC for 10 minutes.

Where I think the mass attack scenario is worrisome is when you're looking at it from the standpoint of a company who might be liable for thousands of compromised CCs as a result of lax security on your site. That is a legitimate concern, because there one attack has the chance of destroying a business. However, many businesses have been destroyed by fraud on the part of one bad employee as well. Security needs to be comprehensive.

6:38 pm on Feb 20, 2005 (gmt 0)

Senior Member

joined:Dec 29, 2003
votes: 0

just bought a nice cross-cutting shredder. CIA might figure it out what the page was, but definitely not worth for the average crook.
11:17 pm on Feb 21, 2005 (gmt 0)

Junior Member

10+ Year Member

joined:Feb 8, 2003
votes: 0

The headline on the front page is wrong - if 11.6% or fraud are online and the rest are offline, then online identity theft is a whopping 13.2% of offline!

Not that it matters, but if I hadn't posted it, somebody else would have. ;))

7:22 am on Feb 27, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Apr 27, 2002
votes: 0

It does not help when folks like Slashdot ChoicePoint [yro.slashdot.org] have to be forced into admitting they had a major breakin.

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members