Abstract
A few decades ago, identity theft was a little known and rarely used terminology in the United Arab Emirates (UAE). However, today, things have changed. Identity theft is a largely recognized terminology that has attracted the attention of members of the public, the media, and the government. It has also raised concerns among professionals in the field of accounting. In this paper, various issues related to this form of crime are discussed. The paper will mainly focus on this form of crime in the UAE and other countries.
The crime is made possible by the established nature of contemporary electronic payment systems. In the modern global economy, vendors of commodities and services are willing to offer their products and services on account of a promise of payment. The delivery is made so long as the promise is anchored on data that link the purchaser to a credit history and a specific account.
Cybercriminals can only succeed if they have access to the personal data of their target. Consequently, reducing the opportunities that help the criminal elements to access the data is the first step in the management of identity theft. Individuals, organizations, and governments have a role to play in the protection of data.
Introduction
Identity theft and cybercrime are fairly recent phenomena in the contemporary society. The security breach has attracted the attention of analysts and other stakeholders involved in the accounting and data sector. Identity theft is viewed as a form of white collar crime with serious social and economic ramifications (Ajayi, 2016). The crime is devastating and traumatizing. Its effects on the individual, the government, and the economy are long lasting. The effects can extend to businesses, the government, and the larger society (Ajayi, 2016).
Identity theft may be a relatively new form of crime in the field of accounting, especially in the UAE. However, it has attracted a lot of attention and concerns from the authorities and the society in the recent past. The concerns have prompted the government to introduce new laws in an attempt to provide enhanced protection of data. The undertakings are informed by warnings made by the media and government agencies, which are directed to members of the public. The warnings inform people that identity card numbers, as well as other forms of personal information, are some of the instruments used by unscrupulous third parties to access individuals’ identity. Once the identity of the individual is obtained, the cybercriminals can use the information to perpetrate their criminal activities.
In this paper, cybercrime and its impacts in the contemporary society, such as UAE, will be discussed. To this end, the paper will analyze the types of cybercrimes and identity thefts, the reasons behind this crime, and the techniques used by cybercriminals to carry out their activities. In addition, the paper will highlight some of the factors indicating that one may be a victim of identity theft, as well as a recent case of this crime in the UAE. Legal responses to this crime, especially in the UAE, will be highlighted. Finally, the consequences of identity theft and steps that can be taken to safeguard against cybercrime will be discussed. The discussions will be made from the perspective of the accounting field.
Types of Cybercrimes
According to police records, cybercrime is one of the fastest growing types of criminal activity in the modern society. The prevalence of this crime surpasses those involving credit card and check fraud (Ajayi, 2016). It is also higher than motor vehicle theft. According to security analysts and experts in the UAE, the identification and arrest of cybercriminals is extremely difficult (Neyadi et al., 2015).
Cybercrimes are illegal activities committed through the internet (Tropina, 2012). They also involve those crimes facilitated by the internet. To this end, cybercrime can be described as any criminal activity that involves networks and computers. There are different types of these crimes. They include sending unsolicited mail, cyber attacks against governments and other entities, and phishing of organizational secrets through hacking of the security systems (Nemati, 2012). Another form of this crime is identity theft.
Types of Identity Theft
According to Andress and Winterfeld (2013), this crime can be conceptualized as the use of the identification information that is unique to an individual without the permission of the owner. The identification information includes the individual’s identity card number and financial accounts. The financial accounts may entail those involved in investment, depository, and loans. It also involves unauthorized access to one’s online payment accounts and credit cards.
The different types of identity theft include:
- Theft of Social Security Number (SSN).
- Theft of Taxpayer Identification Number (TIN).
- Financial Identity Theft (FIT), including that of credit card and bank accounts.
- Criminal identity theft.
- Medical identity theft.
- Insurance identity theft.
- Child identity theft.
The various identity thefts take place with the express reason to commit financial crimes through impersonation, fraud, and direct of the victim’s identity to obtain some financial gains such as withdrawal of the individuals funds, obtaining loans and mortgages as well as goods (Andress & Winterfeld, 2013).
The current laws in the UAE view identity theft as knowingly transferring, possessing, or using any form of identification held or related to another individual without their permission (Norton, 2016). The theft is said to have taken place if the person accessing the information intends to use it to commit or abet a criminal activity (Chawki, Darwish, Khan, & Tyagi, 2015). Such an activity must be in violation of the law. The law views this crime as the form of fraud that is committed through the use of the identification information of another individual. For a crime to occur, the use of the information must be without the consent of the owner (Anderson et al., 2008). Violation of visa policies and gathering of information from customers through false pretense are also classified as forms of identity theft (Anderson et al., 2008).
Identifying information that is stolen includes any number or name that can be used to specifically identify an individual (Prosch, 2009). The number or name can be used on its own or in combination with other elements. When this definition is used, specific types of identity theft are made clear. They include unauthorized access to and use of names, dates of births, and employers’ numbers. Criminal use of biometric data is also considered to be another form of identity theft (Prosch, 2009). Another form of identity theft entails access to one’s electronic information, codes, and address without their permission. Such access is especially significant to professionals in the accounting sector.
Reasons for Identity Theft in the United Arab Emirates
Identity theft is committed for various reasons. Stickley (2008) notes the fact that financial gain is the major motivating factor behind the crime. In most instances, the criminals will engage in identity theft either to exploit the information for their personal use or to sell it to third parties at a profit.
Political and Economic Factors behind Identity Theft
According to Hedayati (2012), economic and political instabilities in the UAE and the developing countries have led to an increase in instances of identity theft. The most significant motivating factor for identify theft is financial gains irrespective of whether the thief withdraws cash, commits fraud, or uses a passport to secure employment. It is noted that each year, millions of immigrants from developing countries flee into the developed nations. For instance, many people are moving from African countries to the UAE. The immigrants are running away from political strife and poverty.
They are coming to the UAE to look for employment. According to Hedayati (2012), the UAE is one of the countries in the world with a huge number of immigrants. As of 2013, the number of foreigners in the country stood at 7.8 million. The figure is high considering that the total population in UAE stands at 9.2 million (Leon, 2017). The major reason for immigrants to engage in identity theft, including passports and driving license numbers, is to get jobs (Prosch, 2009). As such, the political and economic phenomena in developing countries encourage individuals to participate in illegal immigration. On its part, illegal immigration fosters instances of identity theft.
Social Factors and Identity Theft
Social environments, especially the habit of communicating through social media, are some of the factors that may lead to identity theft. For instance, as of mid-2016, there were more than 8.5 million internet users in the UAE (Leon, 2017). The figure represents 91.9% of the total population. Knowledge on social media and networks and the role they play in protecting privacy is important in today’s UAE society, which is characterized by computer-savvy young people. Individuals and organizations protect their confidential data through the application of various security mechanisms.
However, social engineering is an active element and remains one of the effective hacking methods used to obtain personal information (Karake-Shalhoub, 2008). Hedayati (2012) observes that this form of engineering is a technique that allows a hacker to bypass various technical security measures. They achieve this by attacking what is described as the human element in an enterprise.
Individuals and organizations in the UAE are increasingly turning to social networks and sites to keep in touch with one another. The sites include Twitter, Facebook, and Skype. In light of this, social engineers are viewed as a potential threat to the safety of the individuals. There is also the case of cultural attitudes in the realm of social networking. The high number of this crime in the UAE and other developed countries may be attributed to the habit of using family names, nicknames, important dates, or pet’s names as passwords for online accounts. Hedayati (2012) observes that 40% of social network users in the developed nations give their personal information via the internet.
The same information is used as the password. The habit increases the chances of identity theft. Given such social behaviors, the identity thieves can freely access the information that is already available to obtain further complementary data without arousing any suspicions.
Analyzing Major Motivating Factors behind Identity Theft
The major motivating factors with regards to identity theft is the desire to commit further crimes, sell the information to third party criminals, or the desire to hide the criminal’s identity. Most of the crimes that lead to identity theft are financial fraud, medical fraud, tax fraud, mortgage fraud, money laundering, and illegal immigration (Anderson et al., 2008). However, all these different types of crimes and frauds are committed by criminals who have the basic desire for financial benefits at the expense of the victim. For instance, the personal identification information can be used to create new credit cards to commit a financial fraud, obtain driver’s license, or even a motor vehicle registration certificate (Prosch, 2009). Other financial frauds may include online shopping, mortgage fraud, opening of new bank accounts, and tax fraud.
Identity theft may also be motivated by the need to obtain passports for illegal immigration. Resume frauds are motivated by the need to get employment for individuals with criminal records and immigrants who have no legal authority to be in the country (Prosch, 2009). Medical fraud is motivated by the criminal desire to obtain medical services under the victim’s identity. Tax fraud is motivated by the desire to receive tax refunds that the victim would have benefited from (Prosch, 2009). It can be observed that by and large, the overriding reason that drives and motivates identity theft of whatever form, is financial benefits to the thief.
Identity theft is facilitated by the established nature of the contemporary electronic payment system. There are various reasons why individuals engage in such crimes (Archer, Sproule, Yuan, Guo & Xiang, 2012). Identity theft can be carried out to access enough data regarding another individual. The data so acquired is used to counterfeit the established electronic link. The counterfeiting would enable the identity thief to acquire goods, services, and money at the expense of the victim’s account. It is noted that for many years, anonymous data-based transaction has characterized the credit card payment methods.
However, recently, the retail trade has become increasingly anonymous and dependent on individuals’ data. According to Archer et al. (2012), e-commerce has grown significantly. More vendors are offering credit on the strength of the report provided by the buyer. The changes may have reduced the transaction costs incurred by the vendors and the consumers. However, the reliance on electronic data has provided cyber fraudsters with new opportunities to perpetrate their criminal activities (Anderson et al., 2008). They use the data to benefit at the expense of the account holder.
To understand the reasons why identity thieves engage in this form of crime, it is important to acknowledge the fact that identity fraud and identity theft are often used interchangeably (CIPPIC, 2007). However, identity fraud is viewed as an “all-encompassing” term (CIPPIC, 2007). The criminals engage in this form of activity to help them use false identification for their personal benefits. On its part, identity theft is a form of identity fraud that is specifically associated with the use of another individual’s personal identification information (Anderson et al., 2008).
Another way through which the motivation behind identity theft can be understood involves highlighting the stages involved in the fraud. There are various reasons behind each of the stages. The first phase is the fraudulent and unauthorized gathering of personal information. The reason behind this undertaking is to support the second stage of the theft (Dean, Buck, & Dean, 2008). Here, the criminal uses the information so gathered to gain advantage over its owner. It can also be used to harm the holder of that information. As such, the reason for identity theft can be explained by the desire to misappropriate the information belonging to another person (Dean et al., 2008).
The data gathered can be utilized immediately. In some cases, the information can be archived for use at a later date. It can also be transferred to a third party for a fee. The understanding of identity theft continues with the actual utilization of the personal information mostly for economic benefits. The criminal impersonates the victim to access credit, goods, or services in the name of the victim. A significant hallmark of the malpractice is the repeated victimization through a series of fraudulent usage of the stolen personal information (Dean et al., 2008).
Other Uses of Identity Theft
Most crimes have negative consequences on the victims. However, according to Luppicini and Adell (2008), in most cases, the effects of identity theft are more devastating compared to those associated with other forms of crime. As such, the criminal can use this crime to harm their victim. In addition, the information so gathered can be used to support acts of terrorism. A case in point is when the cybercriminal accesses confidential information about a company and passes the same to the public or to the competitor. The company is likely to suffer economic losses.
When the identity of an individual is misappropriated, their privacy is violated. The criminal can perpetrate this form of crime to specifically violate the privacy of the victim (Hoffman & Ginley, 2009). The cybercriminal may also be intending to harm the victim financially. A case in point is when the thief makes financial transactions using the stolen information. They may also incur debts and link them to the account of the victim.
Such an undertaking may be conceptualized as economic terrorism (Fordham, 2008). The impacts of identity theft go beyond the financial loss. The victim of a conventional theft may be able to replace the stolen items. However, the victims of identity theft may lose their reputation, credit rating, and their standing in the community (Andress & Winterfeld, 2013). The criminal is aware of these impacts and may intentionally carry out the theft to achieve these objectives.
Cybercriminals may also be interested in destabilizing the national security of a given country (Hedayati, 2012). A case in point is when terrorists hack government servers to access information related to national security. They may use this information to blackmail the government. They may also use the data to identify the weaknesses of the security organs. The weaknesses are then exploited to carry out attacks against the government and the citizens.
Identity theft is used by terrorists to enable them to secure cover employment as well as accessing secure locations. Additionally, like the regular identity thieves, the terrorists often use identity theft to secure driving licenses and open bank accounts as well as credit cards account. These accounts are used to facilitate the transfer of funds to finance their criminal activities. Both the terrorists as well as the terrorist groups need money to fund to promote and perpetrate their agenda. In addition to the financial aspect of terrorism, identity theft is used to facilitate the creation of legal travel documents such as passports and driving licenses. These documents are then used to establish a false identity which further facilitates various terrorists’ crimes such as money laundering. The criminal can establish various bank accounts under various fictitious identities
Techniques used in Identity Theft
There are many techniques used in identity theft in the UAE and other parts of the world. They include the exploitation of technology. Such crime involves credit card fraud, which is a good example of how identity theft can be used to target a particular type of technology. The technology used in some of the credit cards is dependent on the magnetic strip or the holograms (Norton, 2016). The criminal may use various ways and techniques to alter and tamper with credit cards.
The cards are stolen or counterfeited to carry the identity information of the victim. For example, in December 2015, an Indian national working in Dubai lost his personal documents while in a public service vehicle. The criminals used the personal information in his wallet to access telephone services on his name. The victim received a bill of approximately Dh27500 from a telecommunication company (Leon, 2017).
The complicated nature of identity theft may have notable practical implications. Most crime reporting processes used by the police encounter difficulties in recording identity theft. Majority of the standard reporting forms do not have such a category. In addition, they lack criteria that can be used to help in the classification of particular incidences as identity theft (Norton, 2016). Furthermore, where other crimes, such as burglary, are concerned, the law enforcement agencies may lack an established procedure to capture information on whether or not theft of a victim’s personal data took place.
A victim of a burglary crime may not even think of finding out if such information was stolen. On the contrary, they will focus on other items, such as jewelry and electronic products (Nemati, 2012). It is what may have happened to the Indian national who lost his wallet in the example given above. Such glaring inefficiencies in the existing apparatus can help one to identify various techniques that may be used to perpetrate identity theft.
The individuals carrying out identity theft obtain the personal information through the use of various strategies. A simple way of obtaining this information may involve what is mainly referred to as low technology theft. It includes the theft of purses, wallets, and other containers that may be used to carry documents with the victim’s personal information (Norton, 2016). A case in point is dumpster diving. Here, the criminal gathers personal information by sifting through the garbage thrown out by an individual. Such garbage may contain shreds of the victim’s personal information. High technology techniques, on the other hand, require some level of skills and experience. It includes the use of the internet in what is termed as pretext calling and skimming.
Skimming is carried out by using computers to decipher and store the information embedded in credit or ATM cards (Fordham, 2008). The information can later be en-coded and transferred to another card that has a magnetic strip. The new card becomes a machine-readable credit card. The counterfeit is similar to the card that contained the stolen information. For example, in September 2015, fraudsters used the identity of a Filipino working in the UAE to create credit cards in her name. They used the cards to access a loan of Dh10130 from a bank (Leon, 2017). Pretext calling, on the other hand, is a situation where the fraudster makes contact with the target victim (Fordham, 2008). The contact is established through false pretense. The purpose is to obtain the victim’s personal information.
The thief may also call an unsuspecting customer purporting to be an employee of the credit card-issuing company seeking to confirm some unusual activity on their account. The purported employee would then ask for the security code and other data. By giving out the code, the victim provides the criminal with their personal information (Tropina, 2012).
Another example of technology-based identity theft technique is the access to databases that hold customers’ financial and personal data. Such information is used by the criminals to gain access to bank accounts. When access is granted, the criminal may then transfer funds, obtain credit cards, or open a utility account (Norton, 2016). Such frauds convert the stolen identity information into cash. It is important to note that the exploitation of individual identities derived from the databases can only be anecdotal.
However, there is little research information on the extent to which such information has been used to abuse the individuals’ identities. Most of the reported cases are extortionist in nature. To this end, the criminal extorts money from the organizations that own the information. Essentially, such cases may not amount into identity theft in the strict definition of the term (Andress & Winterfeld, 2013).
Another technique used in identity theft entails phishers scam (Norton, 2016). In this case, the identity thieves create or purchase a domain name that resembles the one used by an existing financial institution. The identity thief then proceeds to send bulk emails requesting the customers served by the institution to verify their accounts by sending their personal details. Such details include, among others, social security numbers (Norton, 2016).
Spoofing is another strategy used by cybercriminals to steal identity. The strategy entails the creation of a fraudulent website that is identical to a real site used by a financial institution (Prosch, 2009). The clients served by the organization are then directed to the fraudulent sites. They are subsequently lured into disclosing their personal and confidential information. The criminal then uses this information to carry out a fraud. The fraud is disguised as legitimate financial transactions.
Financial scams are associated with the exploitation of information systems and specific technologies. In most cases, such scams take place in telemarketing frauds. For instance, the fraudster may request for personal information while pretending that they are carrying out a security check. The scammers may also place fake storefronts on the Internet. The fronts look like the known websites of the retailers (Tropina, 2012). They may also send pop-up solicitations. The solicitations require the recipient to provide personal and financial information. The criminals pretend to be working for a government agency or a known business organization. The success of the scams depends on the ability to dupe the victim through the use of scam tricks tailor-made to suit a new technology.
Identity theft in many financial institutions, such as banks, is as a result of careless handling of confidential information belonging to the customers. In some cases, the theft may take place through cases of deliberate misconduct (Fordham, 2008). In other instances, employees of a financial institution can use their privileged access to customers’ personal information to carry out identity theft. They may also help other criminals to carry out the crime. In an effort to combat the menace, regulatory agencies review cases of reported suspicious activities on a regular basis.
As a result of the increased awareness regarding the monetary value associated with the acquisition of individuals’ personal information, offenders may commit what may be referred to as traditional theft with the aim of obtaining the personal data of their victims (Tropina, 2012). As such, robbery, burglary, muggings, pick-pocketing, and theft from cars are techniques that can be used in identity theft. Bribery may also be used as a strategy to access the databases of business and government agencies. In these cases, the fraudsters bribe an employee and convince them to avail the required passwords. In some instances, the employees are compromised to leave both virtual and physical doors unlocked.
Document theft is a common form of identity related criminal activity. It is regularly used to facilitate the commission of other crimes. For instance, a personal identity thief may obtain some important pieces of a victim’s identity, such as their date of birth. The scattered information is then used to breed additional data (Prosch, 2009). The fraudster carefully uses the little information at their disposal to extract more data.
They do this either through the internet or via the phone. The gathered information is then used to counterfeit and forge new credit cards with the necessary identification. It is what could have happened to the Filipino expatriate highlighted earlier in this paper. The criminals may also open bank accounts and obtain new credit cards (Dean et al., 2008). It is observed that an entirely new way of conducting further transactions, which are intended to facilitate different crimes, may be accomplished through identity theft.
Indicators that One may be a Victim of Identity Theft
There are several factors that can be used to identity victims of identity theft. The first sign involves unauthorized charges made to a bank account or a credit card. For instance, in September 2015, identity criminals used the details of a salesperson in Nepal to incur a debt of Dh28800. The criminals used the card to withdraw money from an ATM in Sharjah (Leon, 2017). In addition, a collection agency may come after an individual demanding that they pay for things that the holder of the card did not purchase. According to Nemati (2012), another indicator of a victim of identity theft involves denial of credit, job, or mortgage due to negative credit rating.
Such rating means that the individual’s financial history may have been compromised. When extra bills turn up in the mail, the individual should look out for identity theft (Nemati, 2012). The irregularity is discernible since most of the bills may be coming from vendors who are unknown to the individual. A case in point is an Indian national living in the UAE. His lost Emirates ID was used by criminals to subscribe to six postpaid mobile numbers. The telecommunication company sent the victim a bill of Dh14000 (Leon, 2017).
A Recent Case of Identity Theft in the United Arab Emirates
In 2016, a Filipino warned the public against handing over documents with personal information within the banking premises. People were warned against passing such information before making checks on their identity (Norton, 2016). The victim was shocked after learning that she was supposed to have an active credit card with the First Gulf Bank. The account had an outstanding loan balance of Dh10130 (Leon, 2017). She traced the fraud to a failed credit card application some months before. The victim had given her personal documents to a bank agent outside the premises. She had to suffer emotional, time, and money losses as she tried to sort out the issue (Norton, 2016).
Legal Responses to Identity Theft in Different Countries
According to Tropina (2012), an incident of pirated software led to significant losses to software companies across the globe. As a result, the Gulf Cooperation Council (GCC) directed the member states to create a treaty regarding cybercrimes within the Gulf region. The individual states were required to enact the requisite legislations on the issues of cyber and identity theft crimes.
Legal Responses in the United Arab Emirates
In response to the GCC recommendations, the UAE enacted the first comprehensive cyber law within the Gulf region. The legislation was passed through the Cybercrimes Act No. 2 of 2006 (Nemati, 2012). The act contains 29 articles. The articles legislate against credit card fraud, hacking, and human trafficking (Nemati, 2012). The legislation prescribes hefty penalties for individuals who commit cybercrimes. It targets individuals who violate the privacy of other people using information technology. The legislation was later amended to include the crimes of fraudsters, identity thieves, and hackers (Nemati, 2012).
The law also deals with individuals who may impersonate others. It covers phishing and other identity theft methodologies. Such individuals risk a jail term of three years if found guilty. The legislation was updated to the UAE Cybercrime Law of 2012. In this law, a number of cybercrimes are defined. They include breach of privacy, defamation, and publication of illegal content on the Internet. More importantly, money laundering, credit card fraud, and identity theft are covered under the UAE Cybercrime Law of 2012 (Chawki et al., 2015).
Legal Responses in Saudi Arabia
In 2006, Saudi Arabia responded to the GCC’s demands for the Gulf countries to enact cybercrime legislations. The Shoura Council enacted the Kingdom’s first law to address the rising cases of cyber crime. The law was used to address the issue of inter alia and illegal interference and access to data (Nemati, 2012). The enactment identified such crimes as hacking, terrorism, and defamation (Neyadi et al., 2015). The laws are aimed at protecting people, organizations, and the government from harm through the internet.
Consequences of Identity Theft
When personal data is compromised, the individual is exposed to a significant threat of identity theft and related crimes. It also damages the reputation of the organization that was the target of the security breach (Hoffman & Ginley, 2009). The security breach may also lead to significant financial losses to all parties involved. It is not possible to have absolute security. However, many organizations and individuals in the UAE fail to take basic measures required to protect their identities. Most of these measures are readily available and inexpensive. The theft of personal information as a result of these security breaches has a number of consequences to the UAE residents.
Emotional Toll
Identity theft is largely viewed as an invisible form of crime. It involves a scenario where the criminal quietly acquires the victim’s identity information and uses it for financial gain. The activities of the criminal have significant impacts on the emotional welfare of the victim. Many victims are likely to lose money and time. However, the emotional toll is a significant problem that may not be easily quantified. In 2015, for instance, the Dubai Police dealt with more than 1500 cases of cybercrime in the country (Chawki et al., 2015). Most of these victims suffered financial stress. Some of them may experience emotional effects that are similar to those associated with physical violence. The effects range from anxiety to emotional instability.
It is observed that similar to the financial impacts of identity theft, the emotional toll can also be long-lasting. The victim will struggle to come to terms with their financial loss and the difficulties associated with regaining their identities. Victims of identity theft display emotions that are similar to those presented by individuals who have undergone trauma, assault, and home invasion (Norton, 2016).
The victims exhibit signs of grief and heightened sense of anxiety and depression. Other signs include loss of confidence, sleeplessness, lack of appetite, and emotional volatility. Other emotional impacts of identity theft include loss of motivation and self-medication with food and alcohol. Since identity theft comes as a shock, the effects can alter the life of the victim. It may affect their health, emotional well-being, and relationship with others.
Self Blame
Some victims of identity theft may feel that the crime occurred due to their carelessness or a mistake on their part. For instance, the Indian man who lost his wallet in Dubai and later became a victim of identity theft may blame himself for the crime. They may rationalize that their carelessness is what led to the loss of their wallet and, consequently, the identity theft that followed. As such, they may be embarrassed and, ultimately, blame themselves for the crime. Some victims are unable or hesitant to ask for help. The reason is that they may be convinced their inactions or actions are to blame for the crime (CIPPIC, 2007).
For instance, they may blame themselves for failing to secure the password and not destroying or shredding personal documents. It is important to take responsibility for the security of personal identity. However, the victim’s self-blame can be emotionally damaging.
Family Strife
According to CIPPIC (2007), identity theft may be committed by family members and friends. Such individuals target a relative or a friend and steal their identity for financial gains (CIPPIC, 2007). The feeling of betrayal on the part of the victim can be devastating. However, many victims may fail to report the crime to the law enforcement agencies in order to protect the family member or friend. With regards to identity theft within a family setting, there is the likelihood of strained relationships between the members (Tropina, 2012). Such pressures would leave the victim suffering alone as they seek ways to recover.
How to Protect against Identity Theft
How Individuals can protect themselves Against Identity Theft
One way of protecting oneself against theft of personal information is to shred financial documents that may contain personal information before they are discarded. In addition, one should protect their identity card by not carrying the document in the wallet or writing it down on a check (Fordham, 2008). Individuals should avoid giving their personal identification information on phone, over the internet, or on mail.
Such information should only be provided when the individual is sure of the person who they are dealing with. Another way to protect the personal information is to avoid clicking on web links sent through unsolicited mail. Instead, individuals should always use web addresses that they know (Fordham, 2008). It is also essential to use anti-virus, firewalls, or anti-spyware to protect one’s computer. When an individual is using peer-to-peer file sharing, they should check the security settings of the system to ensure that the sharing does not involve sensitive personal data (Fordham, 2008).
Individuals should also avoid using obvious passwords. Such obvious choices include their date of birth and other identifiers that are well known to families and friends. In addition, the individual should be alert to events that may require immediate response and attention. Such events include unexpected account or credit card statements, denial of credit facilities without a reason, calls regarding purchases that were never made, and unfamiliar charges on the financial statement (Fordham, 2008).
An important way through which an individual can prevent identity theft is by paying attention to their billing cycles, as well as reviewing and analyzing their monthly statements for inaccurate entries. Immediate follow-up with creditors is important when bills do not arrive on time (CIPPIC, 2007). A missing bill is an indicator that the account has been taken over by an identity thief and changed the billing address. A dispute should also be filed should an individual notice transactions that they had not authorized.
Personal information should always be kept in a secure place, especially at home. The security of personal information should be guarded, especially where people share rooms, engage outside help, or have occasional service work at home (Fordham, 2008).
It is advisable to keep the PIN away from ATM cards, debit cards, and credit cards. An individual can also avoid identity theft by guarding their mail by promptly removing incoming packages from the box. They should also deposit outgoing mail only at the post office. In addition, if the individual is likely to be away from home for some time, they should request the post office to make a vocational hold on incoming mail (Dean et al., 2008).
Ultimately, the best protection against identity theft is to avoid carrying one’s social security card. People should also avoid leaving insurance policies in the car and keeping their wallets where pick-pocketers can access them. In addition, they should hold their purse tightly against the body. Additionally, it is essential to burglar-proof one’s home with additional security appliances. Financial records and other important documents should be kept in a home safe or in a lockable cabinet (CIPPIC, 2007). Identity thieves can only carry out their business if they have access to individuals’ personal data. Consequently, reducing the opportunities through which the criminals can have access to the data is the first step in the prevention and reduction of identity theft (CIPPIC, 2007).
How Organizations in the United Arab Emirates can protect themselves Against Identity Theft
There are several steps that organizations in the UAE can take to ensure that they do not fall victim to cases of identity theft. One of them entails installing and updating security software in all the computers used by the organization, especially those that are connected to the internet (Karake-Shalhoub, 2008). Such security measures include the use of anti-virus, anti-phishing, and anti-spyware software. The aim is to keep out malicious third parties from accessing the company’s systems. To this end, all the computers used by accountants should have security software.
Organizations should also educate their employees on the need for taking precautions when dealing with sensitive information (Neyadi et al., 2015). The employees should be trained on cyber security to equip them with the skills required to safeguard the organization from cybercrime. In addition, the employees should avoid clicking on suspicious links or attachments. Clicking on these links may open up the firm to cybercriminals.
It is also important for the firm to secure the physical rooms where materials pertaining to the operations of the organization are kept (Leon, 2017). To this end, the management should consider investing in a safe and vetting all the employees accessing sensitive data. In addition, all documents pertaining to the firm’s accounts should be secured. The organization also needs a contingency plan to deal with cases of identity theft (Leon, 2017). Such plans include establishing hotlines to contact the UAE authorities to report any cases of suspected and actual theft of identity. Furthermore, the employees should have information on how to react when they encounter cases of identity theft.
Identity Theft: Questions and Answers
In the questionnaire, the respondents drawn from organizations in the UAE were asked about what they need to know regarding the issue of identity theft. Some reported that people need to constantly improve their skills regarding the use of online services. Other respondents observed that cybercrime has become more prevalent because of advancements in information technology. In addition, most people are unable to identify where such crimes are likely to take place. Identity thieves are everywhere and they can easily track the activities and movements made by an individual on the Internet.
Most of the respondents reported that the people who do their business online are more likely to be targeted by identity thieves. Other possible targets include the wealthy people in the society. A significant number of the respondents reported that individuals who use social media a lot are more likely to suffer from identity theft. In addition, others responded that individuals who lack skills in information technology were likely to be victims of identity theft (Luppicini & Adell, 2008).
On the issue of “insider access” and why it is the most dangerous identity theft technique, some respondents said it entailed a person who knows their victim well. Others believed that it involves individuals who are criminals and could track down someone and access their personal details. In addition, inside access could mean someone who can hurt without knowing. It appears that the question was not well understood. However, the second group observed that inside access has to do with people working within an organization (Fordham, 2008). They added that these people are a real danger to consumers and organizations.
With regards to what can be done to prevent identity theft, most respondents reported that personal details have to be kept secret. Others observed that raising awareness was a sure way of preventing identity theft. With regards to the motives behind identity theft, most respondents identified personal and financial problems. However, some subjects reported that identity theft is carried out for fun (Fordham, 2008).
Conclusion
Identity theft in the UAE is mostly associated with the emergence of information technology in the accounting sector. It may involve the theft of personal data pertaining to the individual’s financial accounts. Some of the motives behind this form of crime involve financial benefits at the expense of the victim. Identity theft remains a major concern in the UAE. Individuals, organizations, and governments should continuously improve the security of confidential data by regularly reviewing safety measures that are in place already.
Many victims of identity theft are embarrassed because of the crime committed against them. The embarrassment is brought about by the fact that most of them may be unable to prove or explain the problem to the authorities and to other people. Analysts also observe that most identity thieves are people known to the victim. They include, among others, family members, employees, and former employees. In most cases, identity theft is appealing to criminals because of the details related to credit cards and bank accounts.
The information can be used for monetary gains. The government has taken several measures to prevent identity theft. The measures include legislations, such as the UAE Cybercrime Law of 2012, which clearly define the penalties for such a crime.
A number of measures can be taken by individuals and organizations in the UAE to minimize the risks of identity theft. For instance, individuals should always use trusted websites to conduct businesses on the Internet. In addition, people should avoid giving out their personal details to other individuals. Such personal details include ID card and passport numbers. The information can be used by the criminals to harm the owner of the details. The use of unique and strong passwords is another strategy that can be used to avert identity theft in the UAE.
References
Ajayi, E. (2016). Review: Challenges to enforcement of cyber-crimes laws and policy. Journal of Internet and Information Systems, 6(1), 1-12.
Anderson, K., Durbin, E., & Salinger, M. (2008). Identity theft. Journal of Economic Perspectives, 22(2), 171-192.
Andress, J., & Winterfeld, S. (2013). Cyber warfare: Techniques, tactics, and tools for security practitioners (2nd ed.). New York, NY: Syngress.
Archer, N., Sproule, S., Yuan, Y., Guo, K., & Xiang, J. (2012). Identity theft and fraud: Evaluating and managing risk. Ottawa, Canada: University of Ottawa Press.
Canadian Internet Policy and Public Interest Clinic. (2007). Identity theft: Introduction and background. Web.
Chawki, M., Darwish, A., Khan, M., & Tyagi, S. (2015). Cybercrime, digital forensics, and jurisdiction. New York, NY: Springer.
Dean, P., Buck, J., & Dean, P. (2008). Identity theft: A situation of worry. Journal of Academic and Business Ethics. Web.
Fordham, D. (2008). How strong are your passwords?. Strategic Finance, 89(11), 42-47.
Hedayati, A. (2012). An analysis of identity theft: Motives, related frauds, techniques, and prevention. Journal of Law and Conflict Resolution, 4(1), 1-12.
Hoffman, S., & Ginley, T. (2009). Identity theft: A reference handbook. Santa Barbara, CA: ABC-CLIO.
Karake-Shalhoub, Z. (2008). Population ID card systems in the Middle East: The case study of UAE. In C. J. Bennett & D. Lyon (Eds.), Playing the identity card: Surveillance, security, and identification in global perspective (pp. 128-142). New York, NY: Routledge.
Leon, J. (2017). What you should know about identity theft. Gulf News. Web.
Luppicini, R., & Adell, R. (2008). Handbook of research on technoethics. New York, NY: Information Science Reference.
Nemati, H. (2012). Privacy solutions and security frameworks in information protection. New York, NY: IGI Global.
Neyadi, A., Kaabi, A., Kaabi, L., Ghufli, M., Shamsi, M., & Khan, M. (2015). Internet governance and cyber crimes in UAE. International Journal of Scientific & Technology Research, 4(11), 350-357.
Norton. (2016). What is cybercrime?. Web.
Prosch, M. (2009). Preventing identity theft throughout the data life cycle. Journal of Accountancy, 207(1), 58-63.
Stickley, S. (2008). The truth about identity theft. London, UK: Que Publishing.
Tropina, T. (2012). The evolving structure of online criminality: How cyber crimes are getting organized. Eucrim, 4, 158-166.