Thanks to movies and TV shows, we often imagine identity theft as criminals gathering information about an unassuming individual. They might fake documents like passports and birth certificates, change their name, and even wear wigs and costumes to take on the persona of their victim.
In reality, identity theft is usually much simpler and easier to perpetrate than this popularized scenario first suggests. With the prevalence of the internet and social media making it commonplace, even expected, for us to share personal details online, the threat of identity theft has rapidly increased.
In 2013, the FTC received 290,056 reports of identity theft. Ten years later, this number totals over a million, coupled with losses of $10 billion. Even when identity theft reports were substantially lower than in 2023, it was still the most common fraud perpetrated against American citizens.
So, if many people have a different idea about identity theft, what does it actually entail? And, more importantly, how can you prevent yourself, your family, and your friends from falling victim to it? In this article, we'll answer both those questions so you can keep yourself safe in the age of identity theft.
What is Identity Theft?
In general terms, identity theft occurs when someone uses your information for their own gain. A fraudster will likely use some kind of malicious tactic to get this information, but in other cases, they may use publicly available details. This is partly the reason why identity theft reports are so high - in practice, a huge number of scenarios constitute identity theft.
Although most cases do result in financial losses, it's worth noting that what the fraudster 'gains' is not always your money. For example, an identity thief might use your name and social security number to obtain a bank loan. Although you'll be liable to the bank for repayment, and your credit score will be impacted, your money hasn't technically been stolen.
As a result of this varied nature, identity theft is hard to prove, incredibly stressful and isolating, and will likely affect your everyday life long after the crime has been committed. This leaves us with an important question...
What Are the Most Common Types of Identity Theft?
While each identity theft case is unique, they usually fall into five common categories. These are:
Financial Identity Theft
This is the most common type of identity theft. It involves a fraudster using stolen bank account and credit card details to make purchases, withdraw funds, or open new accounts. This is done for financial gain, and victims face damaged credit scores, significant debt, and, of course, financial losses.
Criminal Identity Theft
In this scenario, a criminal provides someone else's personal information to law enforcement during an arrest or investigation. This can lead to wrongful criminal records, arrest warrants, or legal issues for the victim, who is likely to remain unaware of the identity theft until, if ever, they encounter legal trouble themselves.
Medical Identity Theft
When perpetrating medical identity theft, the fraudster will use someone else's identity to receive medical care, prescriptions, or insurance benefits. This can lead to the victim having inaccurate medical records, being wrongfully billed, struggling to get insurance or access essential care, and can even cause life-threatening situations if incorrect medical histories are recorded under the victim's name.
Child Identity Theft
Many fraudsters are aware that parents typically don't check their child's credit, as there’s little reason to do so. This is why the theft of a child's Social Security number or personal information to open accounts, apply for loans, or engage in other financial activities can go undetected for years. The lack of immediate consequences makes children a prime target for identity thieves.
Synthetic Identity Theft
Finally, this form of identity theft involves criminals combining real and fake information to create a new, synthetic identity. For example, they might use a legitimate Social Security number but pair it with a false name and date of birth. This synthetic identity is then used for illegal purposes and is incredibly difficult to trace back to a real person.
Many identity theft cases also involve other crimes, like mail fraud or credit card fraud. Surprisingly, this does have its benefits, as fraudsters' ways of gaining and using your information usually follow similar patterns, making it much easier to spot the warning signs.
How Identity Thieves Gain Access to Your Information
Generally, identity thieves obtain your information physically or digitally. The following tactics are divided into these categories.
Physical Tactics
Dumpster Diving - When you're finished with receipts, old ID cards, and broken electronic devices, the logical course of action is to throw them out. However, all of these items contain important personal information, turning your dumpster into a gold mine for fraudsters. Though looking through trash is less common in the digital age, don't let this fool you into thinking dumpster diving never happens.
Mail Theft - Bills, letters from your bank, place of work or school, and even cards from loved ones all contain information that is invaluable to identity thieves. On many occasions, all they have to do to gain access to these things is look through an unsecured mailbox or intercept them during delivery.
Shoulder Surfing - How many times have you taken a peek at the game someone's playing on their phone or overheard an argument on public transport? While many of us avert our eyes and ears, sometimes it's impossible not to. If it's that easy to gain personal information even when we don't mean to, it's far easier for fraudsters with that exact intention. This is why shoulder surfing, observing individuals in public places to gather personal information by watching them enter passwords, PINs, or other sensitive data, is a common tactic in identity theft.
Digital Tactics
Hacking - Unlike the cybercrimes in The Matrix, Tron, and Die Hard, hacking can be as simple as tricking you into clicking a malicious link or logging into your accounts with a stolen password. Hackers might exploit unpatched security flaws in devices and apps you use every day, or even lead you to believe that software that records the buttons you press on your keyboard is a trusted anti-virus. Once inside, everything stored on your device is theirs.
Pretexting - A form of phishing that involves a fraudster impersonating an official individual, pretexting is referred to as "spear phishing." A fraudster will craft highly personalized messages, often posing as a trustworthy authority figure such as a bank representative, company executive, or government official, to deceive you into divulging sensitive information. Unlike generic phishing, which targets a broad audience, spear phishing targets specific individuals or entities, making these messages much more convincing.
Browsing Social Media - Sometimes, fraudsters don't need to create malicious code or act like your estate manager. Sometimes, all they need to do is log onto Instagram or Facebook and scroll through your profile. A photo of your new car says a lot about your financial status and can be used to craft spear-phishing scams. Or, a seemingly harmless post about how much you're enjoying your vacation signals that your home is unoccupied and your trash can unsecured.
How to Prevent and Avoid Identity Theft
With the above tactics in mind, you now know which areas of your physical and digital life you need to protect. Prevention should start well before any fraudster pinpoints you as a potential target, so employ the following tips in your daily life as soon as possible to ensure you're protected against identity theft.
- Lock your trashcan. A generic padlock with a key stored inside your home will do just fine.
- Shred or deface mail that you intend to throw away. Redact your name, address, and other important information with a Sharpie or magic marker.
- Get a privacy screen for your phone and laptop. These make it much harder for people around you to see what you're doing on your device.
- Avoid using ATMs or paying by card when people are behind you. If you must do so, then be sure to cover your PIN or signature.
- Check for updates to your device software and apps. Developers often patch any potential security vulnerabilities in new updates.
- Change your passwords regularly. If you find it hard to remember new passwords, use an encrypted password manager. Never write your passwords down physically in a notebook or on a Post-it note.
- Check the data privacy and protection policies of the sites and organizations you use. Remember that you can and should submit data removal requests to any companies you no longer deal with.
- Update your email inbox's spam filters. Many providers, like Gmail, already have stringent settings. Others, such as Outlook, will warn you with pop-ups when they believe a sender is suspicious.
- Be wary of unsolicited contact from those claiming to be in positions of authority over you. If you intend to keep the conversation going, remain calm, trust your instincts, and don't provide any information that the individual should reasonably already have access to.
- Always double-check claims made over the phone, by text message, or online chat. Any genuine individual will be happy for you to verify their position and the information they've provided.
- Update your social media privacy settings. Make sure your profile is only visible to people you've allowed to friend or follow you. Don't accept friend or message requests for your personal profile from anyone you don't know.
- Block and report suspicious social media accounts.
In Conclusion...
Identity theft is a lot more common and can be a lot more subtle than many people expect. Though financial gain is the primary motive for many fraudsters, the objectives behind these crimes can be varied and unexpected.
However, despite its prevalence, you can protect yourself and your loved ones from identity theft in several ways. A proactive approach to securing your details is best, so stay vigilant, monitor your financial transactions and online accounts, and don't hesitate to report any suspicious activity to the FTC.
Sources and Resources
- https://www.usa.gov/identity-theft
- https://www.investopedia.com/terms/i/identitytheft.asp
- https://www.ftc.gov/system/files/ftc_gov/pdf/CSN-Data-Book-2022.pdf
- https://www.experian.com/blogs/ask-experian/20-types-of-identity-theft-and-fraud/
- https://www.mcafee.com/learn/5-common-types-of-identity-theft/
- https://www.equifax.com/personal/education/identity-theft/articles/-/learn/how-does-identity-theft-happen/
- https://www.eset.com/uk/types-of-cyber-threats/identity-theft/
- https://ico.org.uk/for-the-public/identity-theft/
- https://www.experian.com/blogs/ask-experian/how-to-protect-yourself-from-identity-theft/
- https://www.nerdwallet.com/article/finance/how-to-prevent-identity-theft
Leave a reply