Saturday Oct 25

Jart in the News

HostExploit Twitter

ID Theft Fosters 'Doppelgangers'

Attention: open in a new window. PDFPrintE-mail
Share/Save/Bookmark

Current estimates show that two thirds of adult Web users globally have been victims of cybercrime, with ID theft the No. 1 target. And in that vein, although loss from your bank account or credit card via phishing is troublesome, how about discovering a doppelganger, the exact double of you in all but physical characteristics, not just online but in person?

This isn’t idle speculation: Recent news reports cite high-profile examples, such as the president of India discovering that someone on Facebook had set up a fake profile of him and was using it to spread false diplomatic statements.

Even more worrisome is the case where criminals stole the Facebook identity of Ronald Noble, the secretary general of Interpol, to gain access to “Operation Infra Red," which targets criminals on the run from murder, pedophilia, drug trafficking, and money laundering charges.

Let’s take a slightly nervous but eager volunteer, a real person -- fearless Internet Evolution editor Mary Jander, to demonstrate how easy it is to create a doppelganger.

First, let’s start with a US passport for Mary Jander. On the dark online markets, the current price is around $1,000 (€750); with a matching and current driver's license the total would be about $1,200 (€1,000); for an extra $20, I could get the package expedited by FedEx.

This kind of information isn’t just available for wannabee US citizens, although that information does gain the highest market price. I could also get a passport and driver’s license for Australia (€900), Canada (€850), or Germany (€800). Even diplomatic passports are readily available, for a price.

So far, so good; but why Mary, you ask? Why not a made-up person, or one who is already dead? That’s simple: Mary has an active life that includes credit reports, bank statements, credit cards, and life history. Those are the core ingredients for a successful doppelganger -- and the ultimate goal for ID theft.

For example, with Mary’s stolen medical records, banking information, or online personal information via Facebook and other social networks, I only need a good thread to be able to turn up most of the rest -- current address, affiliations, friends, and, professional history.

The passport and driver’s license are obviously key components, but I could also gain bank statements, utility bills, proof of insurance, and so on. All these are available for $25 to $100 apiece. So for the grand total of around $2,000, I have everything I need.

With the total package I can move around the world, set up house with a good history, rent an apartment, find employment, and even get a mortgage. Of course, the real Mary Jander may get a bad shock when she checks her credit rating or applies for a passport renewal.

Just to clarify: This is an exercise, and the actual doppelganger was not created.

You no doubt have a few questions -- like who would be the likely customer for a doppelganger? Or surely the forgeries could easily be picked up by immigration?

The answers to these questions come best from a real expert and a (former) forger and impersonator extraordinaire, Frank Abagnale, whose life on the run from the FBI was made into the entertaining 2003 movie Catch Me If You Can.

As Abagnale recently explained, identity theft is one of the most common crimes right now. He says the best way to protect yourself is to keep your information personal. The old story but always worth repeating: Take care what personal information you provide on social networks, and avoid your PC being hijacked.

Oh, and just to check if you have a doppelganger, do a Google search for your name, placing it within double quotation marks. For example, you will find a few Mary Janders in the US, in Canada, and others in Australia, the UK, and beyond, especially if you search the online “people finder” Web pages.

Of course, there is only the one Mary Jander we know... I think. How many of you are around?

by jart armin

www.internetevolution.com

Jart Armin