Identity Theft Prevention
Threat intelligence is often employed as a means to understand offender decision making (Maimon et al., 2020) and to aid guardians (i.e., law enforcement agencies and cybersecurity companies) in preventing the occurrence of cybercrime incidents at the organizational level (Mavroeidis & Bromander, 2017). However, no known research group lurks on the platforms owned and operated by enablers (e.g., darknet administrators) to gather active intelligence on identity theft victimization and uses this intelligence to notify victims of threats against them. Since the markets, forums, and channels on which fraudulent information is bought and sold are not monitored in a way that directly alerts victims of past, current, and ongoing threats against them, victims may not always know about their victimization. Moreover, even when aware of their own victimization, victims of online identity theft may not be aware of the need to report their victimization, the practices required for mitigating the consequences of the criminal event, or how to prevent it from recurring. Therefore, although the total monetary loss from online identity theft reported by known victims of this crime in the USA in 2019 was over $160 million (IC3, 2020), we have strong reason to believe that this figure is just the tip of the iceberg.
The current project, drawing from protection motivation theory (PMT), will develop a notification system to alert identity theft victims of threats against them to increase the reporting, mitigation, and prevention of identity theft. Using a survey design, we will first determine the best practices for notifying victims of threats against them. After determining the most effective notification method, automated tools will be developed and employed to systematically gather actionable threat intelligence pertaining to identity theft victimization from the darknet and other encrypted platforms. Identified identity theft victims will then be notified of threats against them and directed to report past victimization experiences, mitigate current threats against them, and prevent future victimization from occurring. Notified victims will also be directed to our newly developed educational website, which will warn of the dangers associated with identity theft and provide guidance on how to report, mitigate, and prevent victimization. Completion of this project will expand the scope of theory while providing practical, evidence-based solutions to mitigate the frequency of cybercrime incidents. The following subsections detail victim decision making as it relates to identity theft, the role of darknet environments and encrypted channels in facilitating identity theft, and PMT as a theoretical framework used.