Characteristics of Cyber Identity Theft

by Lee Ann Hirko

The Federal Trade Commission reports that some 9 million Americans are victims of identity theft each year. As the Internet continues to grow as a platform for information exchanges, research and communications, thieves develop ways to exploit this global network to obtain various types of private information that includes passwords and financial details. As a result and unbeknownst to you, you could become a victim of cyber, or online, identity theft. This form of theft comes with a series of distinguishing features or characteristics that make it different from typical thefts like having a wallet or purse stolen.

Cyber Identity Theft

Criminals can cause significant financial damage as a result of cyber identity theft.

Cyber identity theft occurs when someone accesses your private and confidential information online without your permission to use to commit crimes such as fraud. Stolen data can include your name and address, Social Security number, birth date, credit card number and passwords. With your information, criminals can apply for credit cards or loans, as well as make fraudulent withdrawals from your bank account. They can redirect your bank or credit card statements to an address other than yours, so you'll be unaware that anything is happening until there has been substantial damage to your credit, assets and reputation. Very often, the theft isn't noticed until you review your credit card statement and see purchases you didn't make. Other times an identity theft may be discovered is if you happen to check your credit report for an unrelated reason or apply for a loan and have it delayed or declined. Thieves use a number of online tactics to commit identity theft.


Online identity theft often occurs when you respond to a spam, or unsolicited, email. The email usually promises you some type of benefit, which makes the email all the more attractive. To receive the benefit or offer, the sender asks you to provide him with information, usually by clicking on a link in the email. You're taken to a convincing website where you supply the requested information, which usually includes financial details, through an unsecured connection. The criminal collects your information with no intention to follow through with the offer.

Phishing Emails

Phishing is similar to spamming except that it comes in the form of emails, pop-up Web pages or text messages. The information you see -- layouts, colors, logos and fonts -- looks identical to that of a reputable company you may have interacted with legitimately before. Phishing messages are usually specifically worded to raise alarm, and their tone is always urgent. Several common scripts are used in phishing emails. One of them is that there's a suspected, unauthorized transaction on your account, and you must click on the link provided to confirm your identity. This of course leads you to a convincing but unsecured site. You can report suspected phishing messages when you receive them. Forward them to your bank, credit card company or other organization that appears in the email, going to the website manually instead of following any links in the email. You can also report them to anti-phishing organizations. The Anti-Phishing Working Group (link in Resources), for example, is a group of technology security vendors, law enforcement agencies, Internet service providers and financial institutions that use reports to fight phishing.


While spamming and phishing are the two most common features of cyber identity theft, there's another that's critical to your online safety -- spyware. Spyware comes from several unsecured practices such as opening email attachments, visiting questionable websites, downloading software or files from questionable websites, sharing files or clicking on pop-up Web pages. When you do any of these, you leave your computer wide open for the installation of malicious software that runs in the background unnoticed, logging your keystrokes, recording your browsing habits, monitoring the programs you use and then collecting your personal information from them.

Avoiding Cyber Identity Theft

There are many ways to help prevent online identity theft. Never click on links from unsolicited emails or open attachments from unknown sources. Search for the company's Internet Protocol address using a geo-location service provider. The general geographical location of the IP address should match the shipping or billing address of the company. You can also perform a "whois" search of the company's website address using a site like This will tell you who the domain is registered to and his address. Avoid purchasing goods from high risk countries such as Vietnam, Serbia and Nigeria. Avoid visiting or downloading files from questionable websites. Get a reputable firewall and anti-virus/anti-spyware and keep definitions up to date. Always review bank and credit card statements. When in doubt, contact the financial institution in question directly.

About the Author

Lee Ann Hirko has been a technology writer, analyst and editor for more than a decade. She has worked with major international technology vendors such as HP and Trend Micro.

Photo Credits

  • photo_camera Comstock Images/Comstock/Getty Images