Identity theft is the process of stealing personally identifiable information (PII) to either defraud the victim or make the victim a scapegoat in a large-scale cyberattack. Attackers gain access to sensitive information such as social security numbers and credit cards that are used to collate a person’s identity.
According to a report by the Federal Trade Commission (FTC), people in 2021 filed more reports for identity theft (25%) than any other cases. Identity theft in 2021 more than doubled since 2019 and it’s only gotten worse in 2022. Cybercriminals are using more sophisticated methods of attack and the rise in identity theft is proof of how targeted attacks can cause severe damage to a person and the organizations they’re linked with.
Before you learn ways to protect yourself from identity theft, it’s important to understand what information and age groups are most at risk.
Which data does ID theft target typically?
Identity theft can be carried out by any document that can establish, or rather, be used to spoof your identity. However, some documents are more prone to attack than others:
- Social security number (SSN): SSN is the holy grail of identity fraud in the U.S. as this document is linked with all the aspects of a person’s social identity.
- Financial data: Bank accounts, debit cards, and bank statements can be used directly to commit financial fraud
- Credit card data: Credit card details are often used for credit score and chargeback scams
- Medical data: Compromised medical records can be used to threaten victims to pay a ransom and to steal costly medicines
- IRS/tax data: Hackers with access to your tax data can commit stolen identity refund fraud (SIRF).
Who Does ID Theft Typically Target?
With enough complacency, anyone can be a victim of identity fraud. However, hackers usually target two demographics:
- Elderly: The lack of technical and technological awareness combined with a large chunk of money at their disposal makes seniors an easy target of identity fraud. According to the FTC data, the meridian loss in 2021 was $500. But it rose to $800 for victims aged between 70-79 and $1,500 for victims older than 80 years.
- Children: Children are easy targets for identity theft because they have a clean slate—no credit card history, no bank records, and no SSN usage. Hackers can use these documents to build a credit score, apply for loans and checks and get away scot-free.
Example: How does ID Theft Work?
Since government benefits fraud is the most popular type of identity fraud recorded in the 2021 Consumer Sentinel Network Data Book, we’ll go over how this is often carried out.
Hackers first require your SSN to commit benefits fraud. They’ll email/text you a phishing link (an original-looking fake link) that might take you to a compromised webpage that requires your SSN. They might even inject malware into your device by sending malicious attachments or posing as government officials and calling you for documents. Once they get your SSN, hackers can apply to government programs such as food stamps, unemployment benefits, social security benefits, disability benefits, PPF loans, etc. Hackers can steal funds from governments on the victim’s behalf or worse, deny people who actually need the benefits.
Here are a few ways you can make sure this doesn’t happen to you or your organization:
Tip #1 Identity Theft Protection/Monitoring
You need to be constantly on your toes to monitor PII and react immediately to mitigate damages. But it can be difficult to maintain the same level of vigilance as time goes on.
An identity theft protection service offers users comprehensive and 24/7 protection so that they can go on with their lives. A good ID protection service will monitor SSN, bank accounts, and credit cards across the dark and surface web to look out for anomalies and alert you immediately. It can also help you restore your identity, recover assets, offer insurance, and extend coverage to your entire family.
Without an expert tool, it’ll become harder to shield PII from growing strategies of hackers.
Tip #2 Strong Passwords & MFA
Strong passwords and multi-factor authentication (MFA) are two-part security measures that can defend against most types of identity theft attempts. If you truly want to use strong passwords, here’s how it should look like in 2023 and beyond:
- Minimum 14 characters. The longer, the better
- Should be an alphanumeric password (a complex combination of small case and uppercase letters, numbers, and symbols)
- Unique and unused, devoid of popular phrases
- Managed by a password management tool with encrypted backups
But strong passwords alone cannot provide optimal security. You need to activate two-factor/multi-factor authentication to have an additional layer of security in case passwords or devices are compromised.
Tip #3 Credit Monitoring & Credit Reports
If hackers get hold of financial data, they can exploit your credit card history to take loans, open new lines of credit, max out your credit card, and deceive other companies. All of these may affect your credit score and your ability to apply for loans later. A credit monitoring service can track credit reports across three bureaus: Experian, Equifax, and TransUnion to monitor your history and alert you of suspicious activities.
Credit monitoring such as Lifelock includes alerts for changes to credit scores and bank statements and helps you instantly lock your credit file, which makes it impossible for hackers to make credit inquiries and open new accounts. When you’re notified of the smallest of changes to your financial health, you’re more prepared to fend off identity thieves.
Tip #4 Freeze Your Kid’s Credit
As you already know by now, children are prime targets of identity theft because they have a clean financial history. Add in the fact that parents don’t have any reason to look out for their kid’s financial health, hackers can carry out their job without any trouble.
As a security best practice, you should freeze your kid’s credit file because the consequences of credit fraud are long-lasting. Most victims don’t find out about poor credit scores until they’re adults, making it hard for them to get a job, apartment, car, healthcare, and financial aid. The best thing about freezing your kid’s credit file is that it’s free and helps you and the kid in the long run.
Tip #5 Review Credit Report Annually and Credit Card and Bank Statements Monthly
Apart from using identity theft and credit monitoring services for instant alerts, you should also manually check your credit reports to make sure everything is in order. Check your bank statements and alert your bank if you find unauthorized transactions. This creates a healthy habit of security vigilance which should help you detect threat actors before they can cause any damage.
Since the identity theft landscape is evolving rapidly, users need to stay on top of new cybersecurity trends. What matters most is to maintain cybersecurity hygiene on a personal level and implement the steps discussed above. The DSC weekly posts are a great way to stay up-to-date with security measures you should implement in your personal life and the organizations you work with.