ID theft in cyberspace

Author:Maxim Dobrinoiu
Position:Lecturer, PhD, Faculty of Law, Nicolae Titulescu University of Bucharest
Pages:117-120
LESIJ NO. XXI, VOL. 1/2014
ID THEFT IN CYBERSPACE
Maxim DOBRINOIU*
Abstract
Obtaining personal da ta, identification data, including data which allow the use of a electronic
payment instrument, or any other data generated in the context of one person’s activities in the social,
economic or financial life, without its consent or by deceit, if this occurs in computer systems or through
electronic means of communications, should be considered as a cr ime and punished accor dingly.
Keywords: ID Theft, Cybercrime, Social Engineering, P hishing, Computer-r elated Forgery
1. Introduction*
Like other countries, nowadays
Romania need to face, more and more, a
exceptionally serious phenomenon, which,
unfortunately,ă haven’tă gotă aă relevantă andă
comprehensive attention from the
legislators.
Ită isă aboută “Identityă Theft”ă (oră IDă
Theft), with its aggravated form when the
action is co mmitted by the use of computer
systems or electronic means of
communication.
Asăaănotion,ătheă„identityătheft”ăhasăană
improper name, because the identity of a
person is not actually stolen, but rather taken
over (or assumed, acquired) illegally and
further used generally to commit other
offences. In other words, we are not dealing
with a crime against property, but with a
crime against the person (as stated in the
New Criminal Code, Title 1, Chapter IX
crimes against the residence a nd private life
of a person).
Byă „identityă theft”ă oneă couldă
understand the obtaining, illegally
(unauthorized), of personal data or other
data related to the social or professional
activity of a person or data resulted from the
* Lecturer, PhD, Faculty of Law, Nicolae Titulescu University of Bucharest (e-mail: office@e-crime.ro).
person’să interactionă withă aă financială
institution, if later on the use of this acquired
data is capable to generate legal
consequences or to cause a loss of property
to that person.
2. Paper Content
From a technical perspective, the
„identityătheft”ă couldăbeă performedăb yăoneă
of the following methods:
Social Engineering is defined as a
collection of means, HW and SW tools and
communication strategies by the use of
which the victim is deceived related to a
situation or a fact and thus manipulated to
provide personal data, confidential or
financial information, or determined to act in
the manner required by the attacker.
The manipulation techniques are used
by the at tacker in the conversation with the
victim (directly, by telephone or through any
other electronic mean of communication),
while the deceiving is performed with the
aimă toă infringeă theă victim’să psychologicală
„barriers”,ăandă makeăheră disclosingădataă oră
doing actions that, in other conditions,
would have not been done.

To continue reading

Request your trial