Wednesday, November 16, 2005

imho Preventing identity theft


Indicator to homo articulensis: A

I. I dentity. Id entity. I dent it y. Id an entity. Identropy. Idempotency.

I’m old enough to remember the last great plague that never came, syukur kepada Allah. The swine flu scare of 1976. Now the bird flu “pandemic” watch of 2005. By the way, whatever happened to the familiar and scary enough “epidemic”? When did the threat of microscopic human annihilation get escalated to a new term? What’s next: “armageddondemic”?

That thought has absolutely nothing to do with identity theft. Except for the fact that we are constantly being braced by the media for a pan/epi-doozis of ubiquitous impersonation and spoofing that will steal our very souls. And it hasn’t come yet. Though clearly our cyber-lives are as bombarded with phishing and pharming and other corrosive identity scams as our bodies are bathed in a steady soup of micro-organisms.

Somehow, we’re building up behavioral antibodies to identity theft, which is not to deny the occasional clever idioklept who manages to slip through. E-mail is the onesie-twosie identity thief’s tool of choice, but it’s becoming a harder field to harvest. My sense is that we’ve evolved a complex set of mental defense mechanisms to any unsolicited commercial e-mail. And we’ve deprecated e-mail in our personal information ecosystems. We’ve learned to rely on IM for interpersonal messages of a short banal nature, blogs for pushed opt-in information feeds from trusted sources, browser bookmarks for pulled feeds of an occasional/need-to-know nature, and Google searches for any quick-and-dirty digging with relevance ranking. When the day comes (and it never will I assure you, and I also assure you that “comes” is not a double entendre) that I need to find a reliable source of penis-enlargement solutions, I won’t turn to my e-mail. I’ll use whatever brand Austin Powers endorses.

Quick question: Can anybody tell me how many wholesale identity thefts have been linked to spyware and database breaches? I don’t mean “theft” in the narrow sense of somebody laying their hands on a stadium-full of people’s credit card numbers. I mean “theft” in the even narrower—-but more accurate—-sense of people using pilfered credit card numbers to quickly steal a lot of money from many people and then head for the proverbial hills?

OK, it wasn’t a quick question. But here’s a quick answer. Nobody. Not a blessed person has ever been exposed, tried, and convicted of impersonating great numbers of people—-and thereby emptying their bank accounts—-using identity-linked data that was stolen over a network. If you my readers can point to a wholesale identity cybercon that paid off big time, please call my attention to it.

There’s no substitute for keeping an eye on your actual assets, such as by scrutinizing your account statements, transaction histories, credit histories, and so forth regularly. And following up quickly to nip suspicious activity in the bud.

But considering that your identity’s in a state of entropy everywhere, it’s “out there” for the taking. Vulnerable to every well-adapted invisible scam that percolates through the environment. Just as your health will almost certainly be “robbed” by the germs passing in and out of every orifice.

Identity theft is a flu that will eventually “get you.” Build immunity. Bounce back.