Virtual identity theft or identity virtual theft or identity theft virtually?

[Dave Birch] We all understand how phishing is spreading from home banking roots to more and more online environments, not only in business but also in government. An example was the the Australian Taxation Office (ATO) warning about a phishing e-mail that used the ATO logo and came with the words ‘Australian Taxation Office – Please Read’ in the subject line. Claiming to offer a refund from the ATO, the message asks users to click on a link that redirects, of course, to a fraudulent web site. And never mind the real world, it’s getting out of control in the virtual world as well, with the news that hackers — most likely in China and Russia, apparently — have been surreptitiously installing keylogging software on World of Warcraft (WoW) players’ PCs, then hijacking their accounts and selling off their often valuable in-game assets. It’s virtual burglary: when you log back in you’ve been e-turned over and all your stuff is gone. Try complaining about that down at Guildford nick.

Technorati Tags: fraud, identity, regulation, social networking, virtual worlds

The expansion of phishing — because of the lack of an adequate identity infrastructure — in the virtual world is hardly surprising when Gartner claim that only four years from now, four-fifths of Internet users will have a “Second Life” in a virtual world. They also claim that four-fifths of Fortune 500 enterprises will too. This is all getting a bit serious. No wonder Linden Lab — the Second Life guys — are having to begin their own regulatory regime. They have announced new restrictions on how users consume and host content in Second Life, including a first “credential barrier”: users who do not pay a fee to verify their age will be restricted from accessing adult areas.

Meanwhile, Forum friend Steven Philippsohn, Chairman of the Fraud Advisory Panel‘s working group on Cybercrime (and contributor to “Digital Identity Management: Technological, Business and Social Implications”) says that “My experience has been that fraudsters migrate to areas that are most vulnerable,” said Steven Philippsohn, chairman of the panel’s cybercrime working group. “(They) always benefit where countries are loosely regulated, and this is an environment that is unregulated all together.” He’s quoted in a new report from the Panel which says that governments should apply real-world laws and regulations to virtual currencies in online worlds like Second Life to prevent potential money laundering, fraud and tax evasion. When the Institute of Chartered Accountants in England and Wales (who run the Panel) start going on about Second Life, you know that virtual worlds are no longer the cutting-edge domain of the techno-hip. But I can’t help thinking that the typical drug dealer is much more likely to use 500 euro notes and illegal immigrants than Platinum Pieces and delivery elves. Or is it me that’s old fashioned now?

Incidentally, if you think that reading Reuters reports on web pages is soooo twentieth-century, you can pop into their office in Second Life by clicking on this SLurl (ie, Second Life URL).

These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public [posted with ecto]