Security incidents and computer scams committed through identity theft can take on very different characteristics depending on the nature and type of the malicious behavior of the agent, which can be either external to the organization (e.g., a hacker) or internal (e.g., an employee or manager of the organization).
Identity theft implies criminal conduct perpetrated by “impersonating” someone else for the purpose of obtaining money or other benefits. Typically, identity theft can be the antecedent of a security incident (think, for example, of the case of a phishing campaign in which the malicious agent impersonates the CEO of an organization), or the consequence (as in the case of a cyber-attack involving exfiltration of login and authentication credentials).
Moreover, identity theft can also result from communication interception, especially through man-in-the-middle practices aimed at altering communications between legitimate interlocutors and convincing them to perform actions useful to the malicious agent.