Gamified Intelligent Cyber Aptitude and Skills Training (GICAST)
Gamified Intelligent Cyber Aptitude and Skills Training (GICAST)

Start this free course now. Just create an account and sign in. Enrol and complete the course for a free statement of participation or digital badge if available.

Free course

Gamified Intelligent Cyber Aptitude and Skills Training (GICAST)

1 Identity theft

This section is part of the amber pathway.

Download this video clip.Video player: ou_futurelearn_cyber_security_vid_1044-640x360.mp4
Skip transcript


In this block of flats behind me, a hacker made tens of thousands of pounds in fraud, and all from the comfort of his own home, until he tried to push his luck a little too far. Ian Wood was using Facebook to fund a lavish lifestyle.
He would generally pose as someone who wasn't himself. For example, maybe as an attractive woman and he would try and befriend men on Facebook who would look at his profile picture and say, 'Oh yeah, I'll be friends with that person'. And what they were essentially doing was allowing this man into their life.
He discovered people often use the same usernames for different accounts online.
What Ian Wood did was he used that username, type it into mainstream banking websites, and as soon as he got the message of username correct, password incorrect. Security questions. He was in play then. And he could use information from the social networking sites to try and find a way in to that bank account.
Once in, he stole 35,000 pounds from online accounts. He then transferred the money to bogus accounts until he got cocky.
As a lot of criminals do, they get more relaxed about their behaviour, and that was when he made the transfer from a bank account into his own in his name. We went to arrest him for that offence and that was when we opened the door basically to all the activity that he'd been involved in.
End transcript
Interactive feature not available in single page view (see it in standard view).

Identity theft is a type of fraud in which an attacker uses stolen personal information to impersonate another person. This video shows an extreme, though by no means unique, example of the possible consequences of identity theft for an individual.

Traditionally, this type of fraud was achieved by an attacker intercepting postal deliveries which contain personal information such as names, addresses, bank account details and so on. Attackers could then open credit card accounts and apply for loans in the victim’s name. Victims have had their financial security and lives ruined by identity theft.

The online world has opened up a new, lucrative source of information for fraudsters. Many users have been quite relaxed about sharing their information with online services and other users, but even security conscious individuals are threatened by malware designed to sniff out personal information on a computer, or phishing attacks that persuade users to divulge personal information. Additionally, as we have seen, hacking attacks on big retailers can make millions of personal records available for potential abuse.

Online identity theft is a major threat, especially to those who are new to online interactions. Online banking fraud cases have been increasing since 2013 and stood at 25,849 cases in 2019, amounting to £112 million (Statista, 2020a and 2020b).

Preventing identity theft

You can greatly limit your risk of online identity theft by following simple security procedures such as running an antivirus program, keeping it up to date and by not responding to phishing emails.

Detecting identity theft

Online identity theft may pass unnoticed for some time, during which great damage can be done to your financial security. Some signs that a victim might notice are:

  • unexplained bank withdrawals or credit card charges
  • bills and other expected official letters don’t arrive
  • cards or cheques are declined
  • debt collectors make contact about debts the victim knows nothing about
  • they receive notice that their information was compromised by a data breach at a company where they do business or have an account
  • their bank or credit card provider makes contact about suspicious behaviour on their account.

However, you cannot do much to prevent the loss of your details by other organisations that provide everything needed to steal your identity. In March 2020, Marriott announced that an unknown amount of guest information may have been accessed using the login credentials of two employees at a franchise property. The data of 5.2 million guests were compromised.

It is worth keeping an eye on your own free credit reports to make sure nothing unexpected is being shown that might indicate identity theft. In April 2020, 160,000 Nintendo (gaming platform) accounts were breached. Hackers had used the hijacked accounts to buy high value digital items.

Next, you’ll learn about what data loss can mean for organisations.


Take your learning further

Making the decision to study can be a big step, which is why you'll want a trusted University. The Open University has 50 years’ experience delivering flexible learning and 170,000 students are studying with us right now. Take a look at all Open University courses.

If you are new to University-level study, we offer two introductory routes to our qualifications. You could either choose to start with an Access module, or a module which allows you to count your previous learning towards an Open University qualification. Read our guide on Where to take your learning next for more information.

Not ready for formal University study? Then browse over 1000 free courses on OpenLearn and sign up to our newsletter to hear about new free courses as they are released.

Every year, thousands of students decide to study with The Open University. With over 120 qualifications, we’ve got the right course for you.

Request an Open University prospectus371