What is Identity Theft?
You have probably heard of ‘impersonation’ or identity fraud: one Internet user takes on another user’s identity and gains illegal access to that user’s emails or data files. Almost 750,000 people are affected by impersonation annually, and it is the number one consumer complaint filed with the FTC (Federal Trade Commission).
The technical name of identity theft is session hijacking. In fact, taking on someone else’s identity over the Internet is much easier than doing the same in the physical world. Whenever you communicate with another person, visit a website, or even just send an email, you need to establish a TCP session with the destination computer, where the website resides or the emails are stored. Each TCP connection starts a TCP session to facilitate data transfer between computers (to learn about TCP, read about the TCP/IP protocol suite or the OSI layers). Session hijacking means another person taking over such a TCP session by using your session data.
How do web servers mark users’ activity?
When you log in to your email account by entering your user ID and password (your online identity, which proves that you are actually the person you claim to be), the web server creates a “UID” and sends it as a cookie to your browser. After logging in, one usually checks the Inbox or composes emails; each action of the user is marked by a cookie file, which is stored on the computer. So the cookie helps both us and the web server to know the user’s status, e.g. whether he is idle or sending emails.
Each cookie has an expiration time, normally one hour from the time it is issued. If you remain idle after checking your emails during this one-hour life span, then exactly at the end of the hour your account will be signed out automatically. So the purpose of the cookie is to let the web server know about a user’s activity and state.
Whatever you do with your email account after login, the cookies keep track of all your activities. If this very same cookie string is pasted into anyone else’s computer during the cookie’s active lifetime, that person gets instant access to your emails and can do whatever he wishes with them.
How to Prevent Identity Theft or Session Hijacking?
Session hijacking is a weakness for which most of the blame goes to the web application development team. If the developers of a web or email application do not follow an appropriate cookie control mechanism, you might become a victim of session hijacking. From your side, you just need to pay attention to whether your organization’s IT manager is tracking cookies; if so, any rogue IT personnel can abuse those cookies to gain illegal access to your emails.
- Always log out of your email account when you no longer need it.
- Whenever possible, use https or SSL for your email, if your email vendor provides such facilities.
- Try to use digital signatures with files or emails; this will not prevent session hijacking, but it will certainly prevent intruders from altering your actual messages.
Identity theft is such a typical and difficult-to-detect type of attack that it cannot be detected by any intrusion detection and prevention system, so most of its prevention depends on the email application software (how the cookie is controlled in a web session) and on following the tips mentioned above.
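The following added example, which is not from the original article, shows the server side of such cookie control in Python: the session ID is random, the cookie is marked Secure, HttpOnly and SameSite, and the server itself enforces the one-hour idle limit and logout. The function names, the in-memory store and the user name are assumptions; the cookie name UID follows the article.

```python
# Added example: server-side control of a session cookie (names are assumptions).
import secrets
from http.cookies import SimpleCookie

SESSION_LIFETIME = 3600  # one hour, the lifetime the article describes
_sessions = {}           # token -> {"user", "last_seen"}; in-memory store for the demo


def issue_session(user, now):
    """Create an unguessable session ID and the Set-Cookie value that carries it."""
    token = secrets.token_urlsafe(32)
    _sessions[token] = {"user": user, "last_seen": now}
    cookie = SimpleCookie()
    cookie["UID"] = token
    cookie["UID"]["secure"] = True        # only ever sent over https
    cookie["UID"]["httponly"] = True      # not readable by scripts in the page
    cookie["UID"]["samesite"] = "Strict"  # not attached to cross-site requests
    cookie["UID"]["max-age"] = SESSION_LIFETIME
    cookie["UID"]["path"] = "/"
    return token, cookie["UID"].OutputString()


def validate(token, now):
    """Return the user for a live session, or None if unknown or idle too long."""
    session = _sessions.get(token)
    if session is None:
        return None
    if now - session["last_seen"] > SESSION_LIFETIME:
        del _sessions[token]  # expire on the server, not only in the browser
        return None
    session["last_seen"] = now  # activity restarts the idle timer
    return session["user"]


def logout(token):
    """Destroy the session on the server so a copied cookie value stops working."""
    _sessions.pop(token, None)


if __name__ == "__main__":
    t0 = 1_700_000_000  # constructed timestamp
    token, header = issue_session("alice", t0)
    print("Set-Cookie:", header)
    print(validate(token, t0 + 60))   # alice
    logout(token)
    print(validate(token, t0 + 120))  # None
```

Because the session is deleted on the server at logout and after an idle hour, a cookie string copied earlier is rejected from then on, which is why logging out matters even when the browser is simply closed.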