We all are aware of the magnitude of importance the internet plays in our daily lives. From online shopping to comprehensive connectivity, the internet has made the world smaller with each passing day. However, that same internet can be pretty harsh if used for something terrible. Cybercrime is on the rise as an increasing number of people rely on the Internet for their daily activities. It gives criminals the leeway to hoodwink the humble and gullible crowd into taking on substantial loss. And, despite all efforts from the Internet registry, websites they impersonate, and harsh laws, these malicious agents keep on using nefarious methods to act against the common public. They do so by finding loopholes to circumvent such barriers and commit crimes. That’s why we’ll talk about one such devastating criminal activity that can ruin someone both emotionally and financially. Let’s analyze what identity theft is and how to prevent it.
What is identity theft?
Identity theft or fraud is a crime where an imposter obtains key pieces of your PII (Personal Identifiable Information) to impersonate you with the goal of financial gain, amongst others. A criminal steals your identity and pretends to be you to either steal from you or defraud someone in your name. While it may be a simple inconvenience for some, many have indeed suffered, not only financially but also emotionally, under the nefarious practice of identity theft.
Such theft can be problematic, especially when it happens online. Users are not proficient at keeping their online habits secret. As such, many malicious individuals target them for a quick windfall. They go after their PII to either steal from the victims by assuming their identity to receive monetary benefits or services in kind. Even more menacingly, they go on to commit more crimes under the shield of the acquired identity. There have been cases where the victims of identity theft were subject to false identification and unjust apprehension for crimes someone else committed by utilizing the stolen identities.
While it is a serious crime that warrants attention, if a user exercises caution online, he can remain relatively safe. But before we delve into the topic of prevention and how to recover from identity theft, let us list the kind of information deemed PII:
- Full name
- Unique Identity Number
- Home address
- Telephone number
- Credit card number
- Medical data
- Driver’s license number
- Biometric data
Types of identity theft:
Broadly classified, identity theft has two types:
- True-name identity theft — In this type of theft, the criminal will try and use the PII to obtain new services rather than claiming benefits from existing ones. Experts consider it potentially less financially scary. However, keep in mind that any online theft can result in boundless harm.
- Account-takeover identity theft — This theft is grievous because the imposter manages to perform a successful hostile takeover of the victim’s account. After that, they can do whatever they wish with it. They can impersonate someone online on social media by locking out the victim by changing passwords. This can often end in substantial financial loss.
Examples of identity theft:
There are many ways to steal an identity. Similarly, there are numerous ways to exploit the stolen identity. Some examples of how a criminal can utilize your stolen identity are listed below:
1. Financially – Credit creation
One of the most common utilization of a stolen identity is to crave out financial gains. For example, the thief can use your PII to apply for a new credit line without your knowledge. And by the time you react, your account will be over-drafted/credited drastically. The symptoms? You find a charge on your credit card balance or a difference in credit score you don’t remember. If you do, it’d be wise to investigate and if, necessary, freeze your credit cards.
2. Monetarily – Tax-related
Sometimes thieves use your information to file for a false tax return in an attempt to gobble up your tax benefit/refund. It can also inconvenience the user as they will be unable to file for their returns because their data is already in the system, albeit under a false name. This can also can lead to legal issues if some tax-related errors occur after the filing. You can avoid all this by simply submitting your tax return early.
When a thief uses your PII to receive medical benefits in your stead, he commits medical identity theft. It is dangerous, as it can lead to confusion regarding your medical history. It can lead to misdiagnosis on the doctor’s part. Having your medical identity stolen can oftentimes result in health insurance fraud. If you suddenly find yourself receiving certain insurance benefits you don’t recognize, perhaps contact your health care team to cross-check and make sure the health results are yours, to begin with.
Criminals can potentially use stolen identities to commit crimes. As such, if during an investigation the police manage to flag down the assumed identity of the criminal, chances are the victim may end up being charged. It can also happen if someone produces false information backed by a stolen identity during a police questioning/investigation. The victims may find themselves under arrest for no apparent reason. Oppositely, they might end up being refused certain services due to complications in their background check.
5. The ID of a child
Children’s personal information is an easy target for criminals because these crimes may go unnoticed for a long time. Criminals can use the ID of a child to procure benefits from the government or open a bank account. Such crimes are severe and long-lasting, as they tend to remain under the radar till the child in question comes of age when he applies for a loan or to a college.
6. The ID of a senior citizen
In the same way, the ID of a senior citizen is also vulnerable and easily exploitable. More often than not, seniors are out of touch with the current technological advancements. As such, they are unaware of the ways they can expose themselves to certain risks. This results in unprepared defense against numerous attacks since victims aren’t knowledgeable enough to guard the entry point. Statistically, the older generation is more prone to phishing attempts than the younger one. Also, as it so happens, seniors whose identities thieves prefer to utilize are often powerless.
7. Synthetically for fraud/harassment/emotional trauma
Criminals sometimes stitch together a new, albeit fictitious, identity by patching up different pieces of PII. It is arduous to deal with, as no such person exists in reality. Synthetic ID can be dangerous as it allows the criminal to explore multiple avenues of action. Sometimes it is used for harassment and inducing emotional trauma over a social network. It is effortless to make a fake social media account and use it for cyberbullying. What adds to the risks is the ability to back such an account with a stolen identity to remain completely protected. However, since it is a fairly lengthy process to create a synthetic ID, criminals focus on using it for financial gains, for example, credit fraud.
How does it take place?
As stated above, there are numerous ways for a thief to gain access to your PII if you are not alert. Some of them are:
1. Phishing or spoofing
Sometimes criminals will try to get the PII from the victims. To do so, they will use an official-looking e-mail address infected with malware or adware. Afterward, the victim engages the criminal, unaware of the predicaments he will most likely be in. In doing so, the criminal either pries into the PII or takes control of the device. Spoofing is the same as phishing, albeit done over a phone call.
Skimming is more technical than simply asking for PII. For instance, the criminal can replace the credit card reader from a location such as a petrol pump or an ATM. As such, when you swipe your card into that particular machine, all relevant details will end up being exposed.
3. Wi-Fi hacking
We already know the dangers of using public Wi-Fi. Hackers can target you easily on an unsafe network such as a public wireless connection. Snooping on a public network can aid the hackers in an easy interception of your PII.
4. Dumpster Diving
One of the old-school tricks to stealing identity is going dumpster diving. Most of the victims are unaware of what documents are safe to dispose of on their own and which to shred. Sometimes they throw away documents containing a lot of PII. A criminal targeting you will always check your dumpster for any relevant documents and so.
5. Phone scams
Phone scams are similar to phishing. Criminals goad victims into doing their bidding over a phone call by impersonating someone official. They can ask for your OTP/passwords or ask you to authorize some transfer or hoodwink you into sending them money. Such fraud is also prevalent over emails.
6. Data breaches
Most of the time, when you connect to a website, lots of data ends up being logged. Even though you may be unaware of it, websites can still track your data by utilizing cookies. Moreover, social media websites or websites where you have made a profile are your PII goldmine. While reasonable with regular use, this turns into a massive risk in the event of a data breach.
Malware, adware, or spyware can unobtrusively gain access to PII. Malware can render your device useless and hand over the control to the hacker. Likewise, the adware can track you and aid with the theft of data, including PII. Spyware, when installed on your system, can log all your keystrokes and spy on your data.
8. Mailbox theft
Another way for criminals to gain access to your PII is by getting a hold of your physical mail. Your mail may contain sensitive data that, in the wrong hands, can turn out to be risky.
9. Weak password
When you use a weak password for your accounts, you are potentially inviting hackers, with a chance to guess and successfully take over your accounts. Some tools can guess millions of password combinations in mere minutes. Thus, a weak password, combined with collected PII, is especially dangerous.
10. Insecure website
Some websites are, by nature, risky, especially those that don’t use HTTP/HTTPS. You should stay away from such websites. Many websites are fake and exist solely to trap users. Also, if you partake in any economic activities on such sites, chances are your bank account will be drained.
11. Social media
As mentioned under technique 6, social network websites are the ones where users pour a lot of PII willingly. If they face a breach or someone with access/gains access to them, chances are your data will end up in the wrong hands.
Impact of identity theft
As discussed earlier, the impact of identity theft is not limited to the financial spectrum. The intangible cost sometimes proves itself to be monumental. This is especially true when the precursor includes reputation and or credit. On top of that, if someone dabbles into anything illegal with your stolen identity, things will not end with a simple apology. Sometimes it can lead to irreversible damage.
Thus, there are multiple ways to not fall victim to the online theft of identity. Such preventive measures can aid you with your online safety and help with safeguarding your PII. We will also take a look at the early warning signs of and how to flag identity theft.
What happens to me afterward?
If you are a victim of identity theft, chances are:
- Your information will end up harming you financially.
- You can face severe legal issues.
- There may be financial obligations in your name.
- Your credit score can end up in ruins.
- There can be damage to your reputation.
- Your data may end up on the dark web for sale.
- Someone can impersonate you on social media.
- You can suffer from mental as well as physical anguish.
Spotting the early signs
There are many warning signs to spot identity theft in the early stages, such as:
- Absence of bills, suggesting that maybe the corresponding address has been subject to a change without your knowledge.
- Gaining a credit card without request.
- Calls from debtors you don’t recognize.
- Denial of credit out of the blue.
- Discrepancies in your financial statements, charges on your credit card you do not recognize.
- If you have lost a pivotal piece of a document recently.
- Receiving complaints regarding noncompliance of service or delay in payment.
- Denial of entry to your social accounts.
- Ruined credit score.
- Suddenly receiving medical bills for services you didn’t use.
- Change in your health plan.
- Denial of healthcare as there is a change in your medical history.
- Notification from the tax authority regarding the return you don’t remember filing.
- Notice regarding more than one tax return filed under your name.
How to prevent identity theft?
Here are nearly a dozen ways to stop identity fraud:
- Freeze your credit cards — If you have suspicions regarding online theft, it’s better to freeze credit cards preemptively.
- Always be careful regarding phishing — If a deal seems too good to be true, chances are it is not. If you have suspicious mail in your inbox, try to contact the relevant authorities to cross-check. In short, don’t fall victim to phishing by staying alert.
- Use strong passwords and use two-factor authentication — Always use a stronger password. Also, don’t use online services to generate your password. Instead, use a reliable two-way authenticator to add an extra layer of security.
- Use alerts for your financial services — Always use alert notifications with your financial services such that you can notice if there is a change in your financial statement. The early you catch up to the changes, the more you can prevent yourself from getting harmed.
- Maintain a habit of shredding — Use a shredder to destroy any critical documents rather than throwing them away willy-nilly.
- Use digital wallets — Instead of filling out your credit/debit card details on multiple sites, it is wiser to maintain a digital wallet with an encrypted gateway to facilitate secure transactions.
- Monitor your financial reports regularly — Keep a habit of monitoring your finances on a regular schedule.
- Never access financial information over public Wi-Fi — Unless you are using a VPN, do not access your finances on public Wi-Fi.
- Don’t overshare on social networking sites — Sharing is caring, but oversharing can come back to haunt you. Be sensible about what to share online.
- Antivirus/Anti-Malware software — It’s wise to keep up-to-date Antivirus/malware software to fight against possible attacks.
- Always use secure websites — Only frequent sites with HTTPS. If there’s no alternative, only browser HTTP sites with tools to protect online privacy. These are the up to date and come with added encryption.
What to do if you have been a victim of identity theft?
Recovering a stolen identity depends on how fast you act. Sometimes it can take days and, in some cases, even years. However, doing what we suggest below can mitigate risks if not prevent identity theft. Once again, you must recognize the threat as early as possible.
You can take these steps after you confirm you’re a victim of identity theft:
- Start by acting promptly to minimize the impact of the theft.
- File a police report
- Contact any affected websites/organizations/institutes and inform them about the problem.
- If you can log in: change your password immediately using a strong password.
- If you cannot log in: contact the website’s technical support department immediately for further advice.
- Ask your bank/financial institution or credit card company for advice.
- You can freeze accounts.
- Get new cards, passwords, and PINs (Personal Identification Numbers).
- Most will refund the amount lost, providing you were not negligent in some way.
- Immediately change your password on other websites in case they have also been compromised.
- If website access requires a secret question, change it if you can to avoid repeat incidents.
- Check your other PII to make sure it is still correct.
- Check for other transactions, items for sale, or items purchased in your name which you have not originated, and cancel them.
- Report all lost or stolen documents, such as passports, driving licenses, credit cards, checkbooks, etc.
- Do not continue to use a compromised PIN.