Identity theft is a type of information crime that takes advantage of weakly concealed identities to masquerade as a genuine user of an information system and use the identity to log in and take advantage of the system. The theft of identity is a hazardous thing as it usually means that the person who has the stolen identity is allowed to gain access to the system. This exposes the system to many threats as well as causing the loss of information. The person who logs in with a stolen identity is also likely to make modifications to the information or even steal it, making it very hard for the information system managers to determine the accuracy of information.
Identity theft takes place over the course of a research period during which the attackers will go through all the information they can get about someone working with the system. This information gets to be applied in creating a person’s profile, and this can be used to piece together evidence that is enough to form an identity for that person. Other information can also be stolen from the genuine user in emails that solicit information or during phishing attacks. The users are duped into revealing their private information to websites that are simple replicas of the genuine website. Once this information has been stolen, it can perform all kinds of attacks on the system.
An information system’s security is also exposed to attackers when they have an identity to work with. If one of their phishing attacks becomes successful, they are very likely to use this identity to gain access to the system. Once they are inside the system, they will act as genuine users and access all the information they can get about the system. With this in mind, all the tracks and steps of an information system user must be controlled and recorded to ensure that the attacker gets to be tracked down if an information system does get attacked. Any changes and modifications they make to the information reverted. Additionally, identity theft should also be reported in time so that the access credentials that have been stolen are revoked and can no longer be used on the system.
In conclusion, the security of modern information systems is determined by how well the identities are concealed. If an identity is stolen, the information is badly exposed to the attacker and can be modified or stolen using the stolen identity. Managing identities and using several means of verifying an information system user is important to maintain the second level of information security, which secures the system and prevents any information from leaked or stolen by the attackers who have managed to obtain the identity of one of the users of the system.
