Thief in the night: Stealing in a digital age
Editor's note: This article is part of "The Ten Today," a series that examines the Ten Commandments in modern society. This story explores the eighth commandment: "Thou shalt not steal."
Theft in ancient times was often brutal. The biblical parable of the Good Samaritan, for example, features a man beaten, robbed of everything, including his clothes, and left half-dead on the side of a dusty road to Jericho.
Things have changed since then.
Karen Barney of San Diego, was robbed but she didn't even know it. A Good Samaritan could have passed her on the street and wouldn't have noticed anything wrong. But something was wrong. Somebody had stolen her identity and used her personal information to buy three cellphones.
Barney discovered the theft when the phone carriers sent some information about the sale to her home. That was more than a decade ago, and to this day thieves pass her personal information around, attempting to open new credit card accounts and other digital scams.
"It raises its ugly head every so often," she said. "Somebody tried to buy a computer in the middle of the night from Sears once."
The FBI's Uniform Crime Reporting Program statistics from 2012 show that property crimes are down 6.6 percent since the recession began in 2008 and down 12.5 percent since 2003. But at the same time, the bureau's Internet Crime Report found an 8.3 percent increase in consumer complaints of Internet fraud and crimes just from 2011 to 2012. The 114,908 victims who suffered actual dollar losses were cheated out of an average of $1,813 each.
The recently discovered "Heartbleed" coding vulnerability demonstrates how easily hackers and thieves can obtain personal information and exploit it. The rewards can be great, and because of the physical distance between thief and victim, the social taboos that have traditionally helped prevent theft wield less power. But the impact of this growing trend on individuals — both thieves and victims — and on society is just as strong as it was when the commandment "Thou shalt not steal" was first enshrined into ancient law.
Barney turned her experience into a passion to help others by becoming a volunteer and then an employee at the Identity Theft Resource Center, a non-profit research and education group that helps cybercrime victims: "Today's digital criminals are so smart that they even know what time of the day you are most vulnerable," she said.
FBI special agent Michael Nail agrees that today's digital thieves can be smart. Nail worked on bringing Tobechi Onwuhara, of Dallas, to justice. Onwuhara used real estate lists of high-income people to identify his targets starting in 2007. He used the Internet and phone calls to gather information he needed — date of birth, mothers' maiden name (thank you, genealogy websites) and so forth.
"He is very smart," Nail said. "He speaks very well, he knows banks' processes, he knows the right buzz words. That is what helped convince banks he was who he was saying he was."
Onwuhara used the information he gathered to convince banks he was a customer, then used the customer's home equity lines of credit to borrow thousands from the accounts. He wired the money overseas where an accomplice laundered it and wired it back to him.
FBI special agent Hadley Etienne, who also worked on the case, said it can take weeks before people know someone breached their accounts and stole their money.
Onwuhara and his team of thieves targeted hundreds of victims, trying to steal more than $38 million. Losses reached $13 million. But Onwuhara eventually made a "simple mistake," Nail said: He used his real name just once, and that led to his 2012 arrest and later conviction.
Etienne said cybercrime has advanced even since Onwuhara's spree.
"Fraudsters used to obtain their victims' information on their own," he said. "Now fraudsters are hooking up with hackers."
Charles Henson, the vice president of Nashville Computer in Brentwood, Tenn., said savvy criminals now steal credit card information and, instead of risking getting caught using it themselves, sell databases of "guaranteed" credit card numbers to less-savvy criminals. Those criminals use the cards to buy merchandise — and incur the greater risk of being caught than the criminals they bought the cards from.
"These thieves (selling the databases) could be anybody," Henson said. "They could be your next door neighbors."
Nail said it is getting worse.
"Victims numbers have not gone down, they've risen," he said. "It is not getting any better right now. Criminals are getting smarter and smarter. We need to get smarter with them to figure out their schemes."
Cris Thomas, who uses the handle "Space Rogue" in his work on Internet security, said the risk/reward ratio is different for online crime than for physical crime.
"Because the risk is much lower, there is no risk of bodily harm, the risk of getting caught is much lower, criminal penalties are lower," Thomas said. "There may be a higher incentive for the criminal element to go to virtual online crime as opposed to physical crime."
Thomas, who works as technical manager for Tenable, a cyber security company based in Columbia, Md., said thieves can steal a lot more money online than they ever could in person.
"If you're walking down the street trying to mug people, you may get one person every so often," he said. "Whereas online you can get tens of thousands of people."
And the assets are now online as well, Thomas said.
"In previous times, you had all your money either physically in a bank or physically in your pocket," he said. "But now that money or property may exist only online."
Philosopher James E. Faulconer sees a contrast between the digital thefts of today and the physical thefts of ancient times when the Ten Commandments were given.
"In the desert, you are right on the edge of existence," he said. "So when you steal from someone, it is an obvious case of endangering life."
Faulconer, who is the director of Brigham Young University's London Centre in England, said digital theft, too, can have negative impacts on people's lives. But the real similarity between virtual and physical theft, he said, comes when one considers what happens to the thief.
"The act of theft itself deals with relationships to other people and how we value them," he said. "What it does to the person who steals is it separates him from fellow human beings. It is saying, 'I am not one of you.' And that means he is not. And if you say, 'I am not one of you,' there is a sense that you are saying, 'I am no longer human.'"
That feeling of separation may also be the reason some people steal. A study published in the journal "Organizational Behavior and Human Decision Processes" in 2013 found that feeling financially deprived made subjects more likely to cheat in order to obtain a small amount of money. And it wasn't actual deprivation, but perceived deprivation that made the difference. As Adam Alter, assistant professor of marketing at New York University and co-author of the study, told Forbes, people can feel financially deprived when they compare their situation to that of a wealthier person — or even if they simply compare their current situation to a time in the past when they felt more secure, such as prior to an economic downturn.
The study suggested that people who value moral standards can, if they feel deprived, justify lessening those standards and stealing in an effort to bring balance back into their lives. The good news is that the bad behavior diminishes if the act does not reduce that deprived feeling.
Schuyler Towne, a research scholar at the Ronin Institute who studies security, said proximity has a lot to do with the spread of Internet crime — and so do weak taboos.
"The crux of social order related to any trespass against society," Towne said, "is that the further you are from a single individual, the less emotional reaction people will have to the crime."
It isn't hard to recognize the social taboo that prevents someone from going up to another person and using a gun to rob him or her. There aren't only legal consequences, but emotional ones as well.
A mugging is very close and personal and carries a huge emotional and social impact. One step down on the impact scale might be someone breaking into an empty home — still a crime, but with less emotional impact on society. There is a taboo, but it is weaker. Automobiles are still personal, but are far more broken into.
And so it goes down the line. People condemn some acts more than others: "Many people willing to steal a bicycle would not break into a home," Towne said.
But how many people would download an illegal copy of a movie?
Internet crimes like pirating don't carry the social taboos that accompany other crimes, Towne said.
The entertainment industry lobbies for stronger penalties, but it has little success in creating stronger social taboos that would decrease virtual stealing. Faulconer thinks the tactic of companies treating kids who download music like they are not human beings tells people they don't have to treat companies with respect, either.
This puts companies in a "perpetually unsympathetic position," Towne said.
Towne points out that video game developers faced the same piracy problems, but developed models that decreased the practice by engaging in open dialog with fans in the game communities.
Those communities of game players began to realize that buying legal copies of game software meant the creators — particularly smaller game developers — could use the money to make better games. The developers and the game players now have an attitude of mutual understanding and response to one another.
"People who are having success in developing that real empathy are doing it with love, and provide as many as robust options as possible," Towne said.
Watching for thieves
"Space Rogue" Thomas said there are simple things people can do to make their digital lives safer, such as choosing good passwords: "It boggles my mind that people still use '123' as a password," he said.
He said that just as people are aware of their surroundings in the physical world and look out for thieves, people should also be aware of what is happening online: "It is difficult to know who to trust so do a little due diligence research," Thomas said.
Last year President Barack Obama signed an executive order titled "Improving Critical Infrastructure Cybersecurity." The order looked to protect "critical infrastructure," such as banks and power grids, by making sure information about attacks is shared and acted upon.
Thomas said the order is part of a move to improve information sharing. But it's a hard sell. Companies don't like to admit they've had a security breach: "It could affect stock prices and customers," Thomas said.
However, FBI special agent Nail said cases like Onwuhara's have helped industries cooperate more with each other to close vulnerabilities.
Daniel Draz advises consumers to take some basic precautions.
"Do the things that protect you online, much in the same way you would with your purse or your wallet — knowing where it is at all times, not just letting someone have your wallet," said Draz, who runs Fraud Solutions, a fraud consultancy based out of the Chicago area.
"You apply that same standard of care and caution virtually. Know who you are talking to. Make sure people really are who they say they are. You don't have to live life in fear, but you have to be aware of what is going on," he said.
Barney continues to worry about the lasting impact of her identity theft — a modern theft that wasn't in-your-face like what happened on that road to Jericho.
"You don't know who it is," she said. "It is a faceless crime. You find yourself looking over your shoulder, but you don't know who you are looking for."
Email: firstname.lastname@example.org Twitter: @degroote