Identity theft is a highly illegal criminal act, and it’s slowly evolving into one of the fastest-growing technology-based crimes. Financial and surveillance technologies are evolving so rapidly, and cybercriminals are finding themselves with the perfect climate to commit identity theft and fraud. They are now even able to diversify their targets and use much stealthier money-stealing methods.
Online methods such as phishing, pharming, and malware are just some of the common methods identity thieves use. And of course, the higher objective for most identity theft cases is almost always financial gain. Let’s take a look at the common ways that cybercriminals execute this crime, along with tips on how you can avoid becoming a victim of identity theft.
What Is Identity Theft?
Identity theft is an umbrella term that encompasses any crime that involves unauthorized access and use of another person’s personal information. This crime commonly leads to identity fraud for personal and financial gain. Identity theft can take on multiple forms but they all share a few elements. One such example is that an individual acquires personally identifiable information (PII) without your express permission. This includes your name, address, social security number, account number, and more. Another instance is your personal information gets used for identity fraud. The term refers to a false assumption of your identity for the commission of illegal acts. Most cybercriminals are primarily interested in gaining access to financial services, but some are more focused on stealing money directly from the individual’s bank accounts.
Identity fraud can come in various forms, but all of them can cause headaches on their victims after the fact. Most people are already familiar with credit card fraud, but many hackers have moved on to more devious schemes synthetic identity fraud. This type of fraud involves cybercriminals stealing your social security number and assigning it to a new name or date of birth. They can fabricate the rest of the story to establish the existence of a fake identity. Other forms include takeover fraud, medical identity theft, and business identity theft. There’s also a new type of theft called the internet of things (IoT) identity fraud. There are also plenty of other lesser-known schemes that we have yet to uncover. Even now, thousands of people still remain unaware of their uncompromised accounts.
What Are the Real-Life Costs of Identity Theft and Fraud?
Identity theft and identity fraud are rapidly growing crimes around the world. The 2020 Identity Fraud Study from research and advisory firm Javelin reported an aggregate loss of $16.9 billion to identity fraud cases in the U.S. alone. The research found that in the first half of 2020 alone, more than half a million cases of identity theft already reported to the Federal Trade Commission (FTC). The average loss for each victim amounted to $200.
This crime also creates deep financial black holes for industries that are often targeted by cybercriminals. These include the mortgage industry, healthcare industry, and the many corporate industries that function in the online space. Data from the FBI also indicates the mortgage industry suffers s $1 billion loss annually from these attacks. Meanwhile, the health sector suffers a loss of $60 billion per year. Corporate organizations, on the other hand, lose up to $994 billion every year. The same study noted that insurance organizations lose up to $20 billion annually to fraud. And the saddest part about these losses is that many of the internal fraud schemes uncovered were preventable.
Identity theft not only affects victims financially or credit-wise, but it also gives them significant psychological distress. A survey conducted by the Identity Theft Research Center indicates that almost 70 percent of victims feel afraid for their personal financial security. A high percentage of victims also reported having feelings of rage while some are unable to sleep due to anxiety. Even law enforcement agencies have admitted to the difficulty of investigating identity theft cases because even the victims often cannot identify the course of the breach. Most hackers are able to maintain their anonymity despite efforts to track them.
How are Identities Stolen Online?
The rate of identity theft development is growing much faster than what most cybersecurity technologies can keep up with. The proliferation of crimes of this nature has a lot to do with our reliance on technology. It also has to do with the fact that most people share personal information online via social media. Moreover, an increasing number of people turn to online platforms to carry out their daily transactions. This increases the risk that their data would land in unsavory hands. Lets’ uncover some of the common methods cybercriminals employ to execute identity theft. Knowing these tactics may help us understand the gravity of the issue at hand. It may also help us avoid being the subject of attack moving forward.
Thieves Getting Hold of Your Printed Documents
Most of the institutions we interact with keep records of their transactions with us, whether it may be the local hospital, local bank, dentist office, or any other office. All of these places are bound to provide hard copies of documents that contain your private information. We often pay little mind to these documents, but they can be a gold mine of information for ill-willed individuals.
Thieves can deliberately look through your garbage for credit card offers, banking and credit card statements, and personal checks that you carelessly disposed of. Other thieves reroute your mail in an attempt to get their hands on your sensitive information. Still, there are others who rely on copy machines from your doctors’ offices, banks, and other places with the intent to steal your private information.
Installation of Malicious Software to Steal Personal Information
Fraudsters with technical knowledge often rely on malware or malicious programs that can be harmful to your computer systems, to steal your personal information. Most browsers are able to store heaps of confidential data including passwords, government numbers, and other details which makes them an especially vulnerable point of attack for cybercriminals. These browsers encrypt the passwords that they store, but this protection appears superficial. Most browsers provide access when the request appears to be from the same account. Malware exploits this weakness by pretending to make the access request on your behalf. Through this ploy, they are able to steal your private information with little to no effort. There are many different ways for your computer or smartphone to get infected. Infected hard drives can also be the culprit for the theft.
Cyber-Attacks Through Insecure Wireless Networks and Websites
Public Wi-Fi used to feelrelatively safe (and often absolutely free) portal to get your work done in a public place. But analysts recently discovered a weakness with the WPA2-type encryption, prompting them to warn the public to stay away from public networks altogether. So what did they find? The researchers discovered a serious weakness in the security protocol.
This software weakness allows attackers within the range of the vulnerable device or access point. And if they’re close enough, they can get a hold of your passwords, emails, and other data. In other cases, attackers can even inject malware or ransomware to their target’s device. Your computer will also get infected once you visit the site on the spot. Of course, not everyone who sits in the local café will get their computer hacked. Unless you’re willing to risk your data, then you should probably keep off public Wi-Fi for good.
Taking Advantage of Recycled and Shared Passwords
Keeping track the multitude of passwords that you have is already a daunting task, but it’s going to be even more daunting to have to deal with lost information in the process. It might appear supremely convenient to use the same password to open your Facebook, Twitter, and Gmail accounts. But doing so makes your accounts much more vulnerable to identity theft. And if you’re going to write down all your passwords in one file, make sure to encrypt them.
Avoid sharing passwords with people you don’t know that well due to obvious risks. It might be hard not to share passwords among family members and spouses may be unavoidable but fair warning that doing so can easily lead to multiple systems getting infected.
Specialized Software to Track Passwords
Cybercriminals are creative individuals. They have a variety of tools they can use to steal your passwords. Keystroke logging software and devices are the most widely used method, and these essentially work by recording your keystrokes while you type. The logged information is then sent over to the hacker via your internet connection. Keystroke logging tools can be hard to detect and hard to deal with despite having plenty of cybersecurity measures in place. One way to prevent this is by installing a firewall. The firewall may be able to detect potential keylogging software. Another answer to this would be to use a password manager to auto-fill your passwords for you.
Another method hackers use to crack passwords is with the help of network analyzers. Network analyzers are advanced forms of malware that steal large amounts of data. The program sniffs out passwords and other data from data packets traversing the network. These programs are like the bomb sniffers of the cybercrime sphere. But instead of sniffing bombs, they sniff out passwords over the course of a few hours at a time. This type of technology is dangerous because it can be used to capture all data packets traversing the network.
Cybercriminals can collect thousands of passwords with this method. And the data are sometimes uploaded to the dark web for sale to the highest bidder. To prevent this type of attack, experts recommend using a lockdown program or a comprehensive system recovery program. One example would be the like Deep Freeze Enterprise. Ethernet ports also help to preserve access to internal data. It does this without giving anything away to the public side of the firewall.
Discarded Computers That Haven’t Been Wiped
Replacing your devices every couple of years is the most normal thing in the world. But having a smartphone, computer, or tablet with your PII can be an open temptation for thieves and fraudsters. Before you toss any device to the bin, make sure to wipe it clean of your documents, contacts, and any other type of sensitive personal information. If you’re replacing your phone, make sure to check internal memory and delete files that can associate the phone to you. Uninstall all apps that contain your personal information and also consider restoring your phone to its original factory settings afterwards.
Big Data Theft
Big data theft refers to the large-scale theft of customer information from a large business or enterprise. The term is often associated with and is a subscale of identity theft. Big data theft is often a very serious issue that involves a large number of victims. A glaring example would be the big data incident concerning TJX Companies back in 2006.
The company reported a massive computer breach leaked the credit and debit card numbers of more than 40 million hapless customers. The network of banks and credit unions were able to remedy the breach, but the company incurred over $12.3 billion in costs. Big data theft is a familiar narrative within the world of cybercrime, and sometimes thieves sell their stolen data over the Dark Web for buyers who intend to commit fraud.
10 Tips for Preventing Identity Theft Online
Identity theft is a very dark, mischievous, and potentially life-ruining crime that can often leave victims feeling betrayed and entirely insecure about their financial future. So in order to prevent becoming a part of the statistics, it helps to know the basic signs of identity fraud online:
1. Learn to Spot Online Scams
Scammers often use email or text messages to trick you into filling out forms and web pages with your personal information. While phishing malware is relatively easy to identify on fake websites, scammers usually make other attempts through instant messaging, social networking, and other means. The best and surefire way to prevent phishing malware from invading your computer is to never click on a link that’s sent to you by an unknown sender.
If you receive an email that looks like it’s from your bank, resist the urge to click on the link to direct you elsewhere. You should opt to access the official website of the bank or through the bank’s legitimate mobile application. Check for a secure HTTPS URL and lock icon and make sure that the URL in the address bar is legitimate. If your antivirus flags a site as fraudulent, heed its advice and keep off the site. And we can’t overemphasize this enough: don’t click on suspicious links sent to you through text, email, or social media websites.
Phishing emails can look very legitimate, and they usually offer up a story to get you to click on a link or fill up a form with your information. Be careful of emails that note suspicious activity or log-in attempts on your account, claim a problem with your account or payment information, or say you need to confirm some personal information. Some offer you a fake invoice; others want you to click on a link to pay for something; others still say you’re eligible for a government refund of sorts.
2. Look Out for Malware
Hostile, intrusive, and stealthy, most malware seeks to invade, damage, or disable your device. Hackers can use malware to steal, encrypt, or delete your data. Some can even hijack some computer functions to monitor your activities online without your knowledge and permission. One form of malware commonly used for identity theft and fraud is spyware. Spyware is a type of malware that can monitor your activities or control your computer use to force you to provide information or to put your computer in harm’s way.
Spyware and other forms of malware are not always easy to detect, and an effective malware removal tool will be needed to root them out. Check out this list of the best malware removal tools in case your computer gets infected. Malware removal tools can scan your software for different types of malware then proceed to remove the issues from your computer. Some also offer protection against malware for your email and Wi-Fi networks. But how will you know if you have an infected computer? Here are a few tell-tale signs when your computer gets infected.
Your computer slows down.
You receive a constant barrage of annoying ads that you’ve never signed up for.
Your computer repeatedly crashes, freezes, or displays the blue screen of death.
You notice a sudden loss of disk space.
There’s a strange increase in your internet activity.
Abnormal usage of your system resources.
Your browser’s home page changes for no reason.
You receive an email telling you it has your data.
Your antivirus software stops updating and seems ineffective.
3. Use Updated Security Software for Your Devices
Spyware and other forms of malware are highly dangerous programs that are also easy to contract. Poor browsing and security habits often lead to infection, and even those who are careful about their browsing habits remain vulnerable to malware. It’s because of this fact that you need to protect your mobile and desktop devices with antispyware, antivirus, anti-phishing, and firewall programs.
Start off with your pick of a reliable antivirus program that will keep watch over your devices and help to identify then eliminate existing threats. Check out this list of the best premium antivirus programs available in the market right now. We also recommend for you to install a VPN to keep your online data, passwords, and personal information anonymous over the network. Check out this comprehensive guide on how to set up a VPN. For smartphones and handheld devices, there are standalone utilities and software that could lock down your files in case of theft. These are commonly available for smartphones, but there are also versions laptop and desktop computer users can use.
4. Sign up for Free Credit Monitoring
Money remains the root cause for most identity thefts, and most thefts lead to fraudulent bank transactions. Cybercriminals will use the information they’ve collected on you to open a credit card account, borrow money, make purchases, or transfer funds without your knowledge or consent. And while scammers and crooks are happy to live off your bank account, their illegal activities can cause major damage to your credit rating. If you suddenly notice unpaid charges on your monthly financial statement or suddenly get a declined card or a bounced check, these could be signs of identity theft. Take note that federal laws only allow a 60-day period for disputing unauthorized charges. If you can successfully prove fraudulent activity, the state will only require you to pay $50 regardless of the total amount of the unauthorized charge.
A significant drop in your credit rating can prevent you from getting a credit card or loans with favorable terms. Repairing the damage that fraudulent activity does to your credit ratings will also take time. In order to prevent a full-blown theft using your account, sign up for an identity and credit monitoring service that will alert you to any suspicious activity associated with your account. These services will alert if a new account has been created using your details and notify you regarding the request for documents related to loan applications. A few specialized credit monitoring services even comb through the Dark Web for signs that your personal data or passwords have appeared there. Automated credit monitoring is an effortless way to keep track of your accounts, and they can help you catch fraudulent activity right off the bat.
5. Use a Password Manager for Your Accounts
Passwords are literally the keys to the kingdom, and hackers would do anything to get their hands on those things. While a strong password can help protect your account, nothing can save you if you forget what it was. We also have to take into account the countless other accounts that you probably have, and each must have its own unique password that you need to remember.
To help ease the burden of remembering passwords while keeping them safe, make sure to use a reliable password manager. Password managers keep running lists of your passwords and auto-fills them on the site. The same software also gauge the strength of your passwords, and even help you generate a strong password. Password managers with advanced security features are even able to detect keylogging software and phishing malware.
6. Avoid oversharing on social media
Social media has profoundly changed the way we live and how we interact with one another. For many people, social media has become the primary outlet for people to share aspects of their lives with others. Most social networks have millions of users that share their photos, news updates, thoughts, and many more on the sites. Unfortunately, this culture of oversharing is a magnet for hackers and cybercriminals. People who use social media more often are at a much higher risk of falling victim to identity theft and takeover fraud. Luckily, there are a few things you can do to protect yourself on these sites.
Steps to Protect Yourself on Social Media:
Change your privacy settings that only your friends and family can access your posts. Refrain from choosing Public as your audience since anyone with malicious intent can quickly get hold of your photos and other data.
Create a strong password for your account. Your account passwords need to be unique, strong, and not contain any personal information that can tip hackers into accessing your account.
Never share personally identifiable information (PII) and confidential information. We’re talking about your social security number (SSN), bank account details, credit card numbers, phone number, passport number, driver’s license number, etc. We’re also talking about physical documents like your tax, refund, birth certificate, doctor’s prescription, etc. Your personal information and sensitive details that define your life have no business being on social media and should never be given out to anyone online. For safety purposes, assume that even private messages are unsafe and never give out private information through instant messaging platforms.
Beware of fake accounts and suspicious links. Never accept a friend request from a person you don’t know, and never click on a link sent by a stranger.
Delete your social media account and keep off social media. This option may appear too extreme for some, but it’s the most practical and effortless way to protect yourself.
7. Purchase Items Only From Reputable Websites
Many people are slowly making the shift to online shopping, and this shift is particularly enticing for con artists and cybercriminals to make money off of someone else’s bank account. Hackers are pretty good at what they do, so it can be quite difficult to spot a fake website compared to a real one. Nevertheless, here are some precautions to take to avoid getting scammed online:
Limit your shopping to the official pages of the brands that you want to shop from. Websites with a domain name that references well-known brands (i.e. www.ipadoffers.net) are usually scams.
Confirm security standards. If the site starts with https://, the site comes with added security in mind. Another indicator would be the lock icon that’s usually placed next to the URL or in the bottom corner of the browser. To check if a website is fake or not, you can copy-paste the URL onto this website scam checker.
Don’t buy into suspiciously low prices and large discounts. Scam websites often target impulsive buyers with bargain prices and large discounts. Unrealistically discounted prices are can be an indication that the product is either counterfeit or non-existent. Stick to on-sale items on legitimate shopping websites instead.
Check website policies for sales, shipping, and returns. All companies selling merchandise online are required to have a shipping and returns policy listed on the site. Legitimate shopping channels also have terms and conditions which usually appear the moment you click on the website. If the website doesn’t have any of these policies, it’s likely a sham.
Read online reviews. Look at aggregated reviews from third-party review sites, and check the company’s social media pages to get a whiff of how other people reacted to their services.
8. Backup Your Most Important Documents Onto a Secured Server
Many people use their computers as a de facto storage for most of their files, and most feel extremely trusting that their files are going to be anytime they need it. In reality, you never know when your computer is going to freeze out on you. You probably don’t want to see the day when all your files are lost or destroyed because of a particularly devious malware. There’s also the threat of ransomware when a hacker puts a virus on your computer to encrypt your most important files. You have to pay the ransom in order to get your files back, and nobody wants to experience that.
As a precautionary measure against disappearing files and malfunctioning computers, having an effective backup strategy is absolutely necessary. A backup software or device can help you store a duplicate copy of your most important files for quick retrieval when your device crashes or breaks. The most common backup solutions include hard drives, USB drives, cloud storage, and a specialized backup server. Hardware-based backups are reliable and cheap, but they usually have a shelf life of approximately five years.
Cloud backups and specialized backup software have more advanced features that make them ideal for long-term storage. These features include automated backups, file versioning, and two-way encryption for your data. Both cloud-based storage and backup storage use remote serves to store data, which makes it much harder for hackers to infect it with malware. You can store copies of your most important documents on the server to keep them from getting stolen on your computer. Regardless of the method you choose, having a backup solution is always a prudent move to rescue your files in case the unthinkable happens.
9. Beware of Tech Support Scams
Tech support scams are an industry-wide issue where scammers use scare tactics to get into people’s computers. In most cases, hackers use error notifications and emails to alert you of a non-existent issue with your software or device. They also sometimes initiate calls with caller IDs that mimic your internet service provider or OS provider. They will then entice you to pay for technical support services that supposedly fix the issues they found on your device, platform, or software. In reality, these hackers will install malware on your computer. Trojans and rootkits are some of the most dangerous types of malware they will place as they collect sensitive information from your system.
Keep in mind that most software companies do not send unsolicited email messages or make unsolicited phone calls to provide technical support. You must initiate all requests for tech support, and most of the legitimate companies do not charge anything for tech support. Make sure to download legitimate software from the official websites of the software you use. Be wary of downloading from third-party sites as well, since some of them could have gotten modified to insert malware.
Also, make sure to turn on your antivirus protection as first-level protection. Check out this list of the best free antivirus programs available. Lastly, be suspicious of any solicitations for tech support that you didn’t initiate, especially if it’s asking you to pay for support.
10. Watch Out for Other Signs of Identity Theft
Identity theft is a complicated process, and sometimes victims are not aware of their situation until the damage has become irreparable. Some identity thieves are able to carry on using your private information for nefarious means for years, decades, or even an entire lifetime. Sometimes your financial records don’t even reflect anomalous transactions. The faster you can recognize the possibility of identity theft, the faster you can react to minimize the damage to your reputation and credit score. As a general rule, any unexplained changes to your credit report or charges and withdrawals for any of your accounts warrant further investigation. Here are additional signs of identity theft to watch out for:
Receiving new credit cards you didn’t sign up for
Having a credit approval denied for no reason
Surprise medical bills for services that you haven’t used
Insurance providers turning you away for conditions you didn’t give
The IRS informing you that more than one tax return was filed in your name
Debt collectors soliciting payment for debts you didn’t make
Receiving notices about past due bills for products and services you didn’t buy
Final Thoughts on Helpful Tips to Prevent Identity Theft
Identity theft is a pervasive issue that deserves attention and immediate action. The number of victims and losses just keeps growing, and there doesn’t appear to be any way to eliminate the risk online. Thankfully, there is increasing consumer awareness about data protection tools and best practices to combat the spread of identity thefts. But even with the employment of all of these methods combined, there will always be a small crevice that hackers can use to compromise your data.
There is no perfect protection or security against determined criminals. At the end of the day, we just have to remember that protecting ourselves against identity theft isn’t a one-time endeavor. It’s an ongoing battle that requires perpetual vigilance and effort to combat, and it’s a duty that everyone must take up before it’s too late.