How does Identity Theft Occur?

2. How does Identity Theft Occur?

The different types of attacks can be classified by the attack vectors as given in Tables 1 and 2

Table 1- Attack Vectors Designed to Obtain an Individual Identity

Table 2 – Attack Vectors Designed to Obtain Multiple Identities

In this document the focus will be on technical solutions for attacks. Notice that many of the attacks which result in identity theft are similar in nature. Identity theft is usually a two or three-part crime: 1. personally Identifiable information is obtained, 2. the information is either used directly, or 3. sold to others who use it to make purchases or access funds.

For more information about an Identity theft lifecycle please refer to the Identity Theft Primer .

Identity theft is abetted by the proliferation of identity information stores, each with varying levels of protection. Consumers have little input or control over their personally identifiable information. With so many stand-alone and isolated data warehouses, identity thieves that successfully obtain identity information from one resource can relatively easily accomplish account compromises or true name fraud. For further information, please refer to “Why We Are Vulnerable”.