Social networking and fraud - Phoraging
About a year ago we coined this term and have only really been using it internally within VeriSign, but let me tell you a bit about Phoraging.
Our definition:
"Taking data from many different online sources to build up the identity of a consumer to commit identity theft".
You can compare it to someone in the real world going through your garbage to find banks statements and the like (called Dumpster Diving in the US).
It has been becoming more and more relevant as social networking sites have exploded and internally, we use this slide picture to highlight it:
To explain:
Anything to the left of the "Privacy line" - Things that you post on public sites that you are happy to share with anyone. The problem that sites like Facebook give us is that the privacy line (i.e. things that you are happy to share with people) is moving to the right.
Anything to the right of the privacy line and left of the security line - Things you might share when you register for an event or ask for a brochure from a web site. If a fraudster has a key logger on your machine or has set up a fake site to capture these details can get even more data on you.
Anything to the right of the Security line - things that you would be unwilling to share with anyone.
What the diagram shows is that as the "Phorager" builds up more information about you he or she is more able to get past the "Security Line" potentially stealing your identity.
Started as a bit of fun bit of fun really, but I did notice that there are now three pages of sites if you Google "Phoraging" :-)
