42 Pages Posted: 13 Apr 2010 Last revised: 1 Feb 2014
Date Written: January 1, 2005
This article discusses the growing identity theft problem in cyberspace, focusing specifically on phishing attacks. Victims of identity theft and phishing attacks suffer direct financial losses, though the real price these crimes exact is in the time and money spent trying to rebuild a victim’s credit and good name. Society also suffers through business losses, generally passed on to consumers through higher costs for goods and credit, and, more importantly, through loss of consumer confidence in conducting business online.
Section II presents an overview of identity theft through a discussion of associated costs, laws, and stakeholders. Section III presents facts and statistics on the phishing problem. Section IV sets up a structure for analyzing identity theft crime control methods based on primary, secondary, and tertiary responses to crime. The primary level includes victim self-help measures, the secondary level involves private-party architecture solutions, and the tertiary level includes public law enforcement efforts. The article then discusses recent developments in fighting identity theft at each level, focusing on new laws and services that help consumers secure their identity, advances in private-party methods to detect and prevent fraud, and new and proposed changes to criminal laws used in the battle against identity theft. It will discuss the effectiveness of these new developments on phishing attacks and critically examine who is best equipped to combat the phishing problem. The article concludes that no single crime control method alone will be enough to combat phishing. Only a combined approach, incorporating strategies from each level, will diminish the phishing problem.
Keywords: phishing, crime, identity theft, internet, email
JEL Classification: K00, K14
Suggested Citation: Suggested Citation
Lynch, Jennifer, Identity Theft in Cyberspace: Crime Control Methods and Their Effectiveness in Combating Phishing Attacks (January 1, 2005). Berkeley Technology Law Journal, Vol. 20, No. 259, 2005. Available at SSRN: https://ssrn.com/abstract=1588190