About Identity Theft
Identity theft is the crime of obtaining the personal or financial information of another person for the sole purpose of assuming that person’s name or identity to make transactions or purchases. Identity theft is committed in many different ways. Some identity thieves sift through trash bins looking for bank account and credit card statements; other more high-tech methods involve accessing corporate databases to steal lists of customer information. Once they have the information they are looking for, identity thieves can ruin a person’s credit rating and the standing of other personal information.
Identity theft can be segregated into two ways: true name and account takeover. True-name identity theft is when the thief uses personal information to open new accounts, whereas an account-takeover identity theft refers to when the imposter uses personal information to gain access to the person’s existing accounts. Today, there are many different examples of identity theft, including but not limited to financial, tax-related, medical, criminal, child, senior, etc. identity theft.
In addition to the immediate impact of losing money and running up debt, individual victims of identity theft can incur severe intangible costs, such as damage to reputation and credit report, which can prevent victims from getting credit or even finding a job. Depending on the circumstances, identity theft can take years to recover from.
Although an identity thief might hack into a database to obtain personal information, experts say it’s more likely the thief will obtain information by using social engineering techniques, which includes:
● Mail theft: stealing credit card bills and details, as well as junk mail directly from a victim’s mailbox or from public mailboxes on the street.
● Dumpster diving: collecting personal paperwork and discarded mail -which the victims forget to shred- from trash dumpsters is an easy way for an identity thief to get information.
● Shoulder surfing: the thief peeks or overhears information as the victim fills out personal information on a form, enters a passcode on a keypad or provides a credit card number over the telephone.
● Phishing: using email to trick people into offering up their personal information, generally containing links to fraudulent websites, or even malware.
Cybersecurity and COVID-19
According to IdentityForce, increasingly common COVID-19 scams so far in 2020 include:
● Fraudulent e-commerce vendors for masks, sanitizers and test kits
● Fraudulent investment sites
● Phishing and vishing through update emails, texts and voicemails
● Spoofed government and health organization communications
● Fake vaccines or “miracle cures”
● Scam employment posts
● Phony charity donation offers
Identity Theft Laws and Penalties in India
Identity theft consists is a crime comprising two limbs:
● Wrongful collection of personal identity of an individual
● Wrongful use of such information with an intention of causing legal harm to that person information
Because identity theft involves both theft and fraud, the provisions with regard to forgery as provided under the Indian Penal Code, 1860 (IPC) is often invoked along with the Information Technology Act, 2000, with the latter being the main piece of legislation in India governing cybercrimes. Some Sections concerned with Cyber Theft are:
● Section 43 If any person without permission of the owner damages to computer, computer system, etc. he/she shall be liable to pay compensation to the person so affected.
● Section 66 If any person, dishonestly or fraudulently, does any act referred to in section 43, he shall be punishable with imprisonment for a term which may extend to three years or with fine which may extend to five lakh rupees or with both.
● Section 66B Punishment for dishonestly receiving stolen computer resource or communication device is Imprisonment for a term which may extend to three years or with fine which may extend to rupees one lakh or with both.
● Section 66C provides for punishment for Identity theft as: Whoever, fraudulently or dishonestly make use of the electronic signature, password or any other unique identification feature of any other person, shall be punished with imprisonment of either description for a term which may extend to three years and shall also be liable to fine with may extend to rupees one lakh.
● Section 66 D on the other hand was inserted to punish cheating by impersonation using computer resources