Cyber Curiosity: Introduction (Revised)

Your name, social security number, address, date of birth, driver’s license number. Vital pieces of information that create your identity. Combined they make you who you are to others. You need them to identify yourself when you go to work or school, apply for credit cards and bank accounts, or get a passport or ID. They’re essentially your keys to the world.

Without them who would you be? How would you prove you are to the world?

Dave Crouse was forced to face that reality. [1]

“I have no identity,” said fifty-six-year-old Crouse in an interview with MarketWatch. “I have no legacy. My identity is public knowledge and even though it’s ruined, they’re still using it.” [2]

In six short months, the criminals had slowly but surely charged over $900,000 to his debit card. He fought tirelessly against the attacks and attempted to salvage his finances, but ultimately those attempts cost him almost $100,000. He drained his savings and retirement accounts in the process. Even his once stellar credit score, formally a 780, has plummeted. [3]

Crouse was a favorable target for a cyber-criminal. He was a frequent online shopper, and he did the majority of his banking online. He would frequently use his debit card during his shopping sprees without using any additional protection measures such as PayPal. One of his favorite pastimes was downloading songs from file sharing websites, that are notoriously riddled with malware. [4]

The first suspicious activity in his account occurred in February of 2009, but Dave dismissed the charges since they were for small amounts of $37 and $17.98. [5]

He was financially secure, and at the time, he had a job in the construction-industry making $180,000 a year. The account that he did most of his spending out of typically had around $30,000 in it at any given time. [6]

In March, he was laid off from his job. His former $2,300 a week income shrunk to $780 biweekly unemployment checks. [2]

Unfortunately for Crouse things really took a turn for the worse in August, “All of a sudden it really got bad,” he recounts. “In August the charges hit big time — $600, $500, $100, $200 — all adding up from $2,800 to $3,200 in one day.” [7]

Once he discovered the fraudulent charges, he immediately contacted his bank and began the long process of filling out affidavits, forms swearing he was not responsible for the charges on his account. He says he filled out about 20 affidavits, and one day he filled one out concerning a charge and the following day the bank accepted similar charges nearing $4,000. [8]

“At that point I was going to the bank every day and looking at everything,” he said. [9]

Even after he closed his debit account, his other accounts were still getting drained daily. Crouse then decided to go to a new bank and open a new account, hopeful that his information was safe there. The next day both accounts, the new and old one, were fraudulently charged for $1,100. [10]

Crouse felt defeated. [11]

His new bank explained to him that he was very likely a victim of a cybercrime. It was possible that a keystroke malware had been installed on his computer without his knowledge while he was visiting one of the file-sharing sites he frequented. If this was the case, his computer was now infected and the hacker was tracking every key he struck and that’s how he picked up all of his personal information. [12]

Malicious software, or malware, such as keystroke malware is often not a targeted attack. When this type of malware is created, it is created to produce as much impact or financial gain as possible with as little effort as possible. It is sent to as many people as possible so that it is given a greater chance of giving the attacker a return on his investment.

It’s also possible that Crouse’s information was being sold on the dark web. He reported that people in multiple locations in Florida, Brooklyn. NY., and North Carolina were using his identity to make purchases. [13]

It’s common for cybercriminals to sell personal information on the dark web for as little a $1 for a social security number. Prospective criminals can also buy what’s known as a ‘“Fullz,” a full package of someone’s personal information (including the victim’s full name, social security number, birth date, account numbers, and other sensitive information) for about $30. [14]

“It was nasty,” he said, admitting that he even contemplated suicide. “I just couldn’t take it. I didn’t feel like a man anymore. I was violated and I didn’t know what to do.” [15]

His identity — Social Security number, address, phone numbers, name, even his old information — is still being used in attempts to open new credit cards and bank accounts. [16]

You might believe that Crouse’s case is an outlier, but, unfortunately, you would be mistaken. His case is much more common than you may think.

The Internet Crime Control Center (IC3) — the FBI’s department for cybercrime reports and investigations — reported that in 2019 alone there were 68,649 victims of personal data breaches, identity theft, and credit card fraud, and they lost a total of $391,899,453. [17]

Perhaps you believe that you have no reason to be concerned about your personal cybersecurity, because you believe that there is nothing that you can do to protect yourself or that it is the responsibility of corporations to worry about cybersecurity. Yet, I spoke to some experts who believe that we can all become more responsible cyber citizens.

This book explores some techniques that can help you secure your identity as you navigate through the modern world. No one can reduce their risk of being a victim of a cybercrime to zero, but you can be one step ahead.

The Power of Connection

It’s also a common belief that everyday people don’t need to have any knowledge of technology or cybersecurity. Many individuals have developed apathy toward their private online data and they truly don’t care what happens with their cybersecurity.

When I became aware that my online activity increases my risk of being a victim of a cyber attack, I changed my online behavior and adopted healthier cyber habits. I realized that increased exposure = increased risk.

However, I have come to believe something else.

Cyber attacks can, and very likely will affect you. Anyone can be a victim of a cyberattack, it’s just a matter of the impact and the timing, which is why everyone can benefit from having knowledge of technology and cybersecurity in their daily lives. I learned this lesson first-hand during my junior year of college.

In 2019, IC3 reported that cybercrimes accounted for $3.5 billion in victim losses. The IC3 received over 1200 complaints concerning cybercrimes or a suspected cybercrime per day. [21] Not all victims of cyber attacks report their situation to the IC3, so the figures are an underestimation of the true impact of these crimes.

Fortunately, I also learned you don’t have to trade the enjoyment of being connected for enhanced cybersecurity.

Discover Your Curiosity

  • Cyber Crime
  • Safe Browsing
  • The Dark Web
  • Malware
  • Cyber Privacy
  • Identity Management
  • The Privacy Paradox
  • Ethics in Technology
  • The Growth of Cyberspace
  • Hyperconnectivity
  • The Importance of Personal Cybersecurity
  • Effective Cybersecurity in Business

My intention is for this to be a guidebook for those wanting to protect themselves and their families as they navigate cyberspace in their daily lives. This is why Part 3 is dedicated to tips and broken into age groups (Children & Teens, Adults, and Seniors). I will also explore and explain how psychology, human behavior, ethics, and privacy play a large role in the study of cybersecurity.

Footnotes

  1. Ibid.
  2. Ibid.
  3. Ibid.
  4. Ibid.
  5. Ibid.
  6. Ibid.
  7. Ibid.
  8. Ibid.
  9. Ibid.
  10. Ibid.
  11. Ibid.
  12. Ibid.
  13. Brian Stack, “Here’s How Much Your Personal Information Is Selling for on the Dark Web,” Experian (blog), Experian, December 6, 2017.
  14. Jennifer Waters and MarketWatch, “Identity Fraud Nightmare: One Man’s Story,” MarketWatch, last modified February 10, 2010.
  15. Ibid.
  16. U.S. Federal Bureau of Investigation, Internet Crime Complaint Center, 2019 Internet Crime Report (Washington, D.C., 2019).
  17. Bethany Groff Dorau, “Internet of Things: Overview,” Points of View: Internet of Things 1, no. 1 (October 2019): 1–3.
  18. Peter Newman, “The Internet of Things 2020: Here’s What over 400 Iot Decision-Makers Say about the Future of Enterprise Connectivity and How Iot Companies Can Use It to Grow Revenue,” Insider Inc., last modified Mar 6, 2020.
  19. Andrew Perrin and Madhu Kumar, “About Three-in-Ten U.S. Adults Say They Are ‘Almost Constantly’ Online,” Pew Research Center, last modified July 25, 2019.
  20. U.S. Federal Bureau of Investigation, Internet Crime Complaint Center, 2019 Internet Crime Report (Washington, D.C., 2019).

Lakeidra is a cybersecurity consultant, published author, and public speaker. I seek to use my voice to help people discover the human side of cybersecurity.