Page 286 - Informatics_Practices_Fliipbook_Class12
P. 286
8.3.2 Identity Theft
When someone steals your personal information to commit fraud, it is known as identity theft (ID theft). Once your
identity is stolen, it may be used to fraudulently access your system, steal your data, and use it for personal gain.
Two-factor authentication, also referred to as two-step verification, can add an additional layer of security to your
user name and password. A social networking site might, for instance, request that you enter a one-time password
(OTP) that can only be used for a short period of time to confirm that you are an authorised user.
Fig 8.1: Two-factor authentication
8.3.3 Phishing
Phishing is the act of sending a user a phoney email purporting to be from a trustworthy, well-known source, like a
bank or a government agency. The victim believes the email, SMS, or message is from a reliable source, so they open
the attacker's email. The victim might find enticing messages like "You won the lottery!" and be diverted to a website
where they will be asked to update personal information like a password, credit card number, social security number,
or bank account number. Phishing's malicious intent may be to persuade a user to reveal personal information about
themselves, such as their username, password, date of birth, mother's name, and address. The identity of a person
acquired by phishing is called a stolen identity, and the process of stealing the identity is called identity theft. The
identity information may then be employed to carry out financial transactions on the user's behalf, post messages
on social networking sites, or serve some other malicious intent. But most of the time, the website is a scam that may
record and steal any information the user puts in. The accused tend to exploit the inherent greed and dishonesty of
their victims.
272 Touchpad Informatics Practices-XII

