Online Identity Theft
What Is It And How To Protect Yourself
Online identity theft has the fastest-growing crime rate in the U.S.
More than 12 million Americans are victim of identity fraud every year, and the average financial loss per identity theft incident is just over $5,000.
The percentage of U.S. households that have experienced some kind of identity theft is closing in on a staggering 10%.
For cyber thieves, your personal information is a goldmine. For example, your (user) name, last name, email addresses, phone numbers, passwords, banking information, credit card details, Social Security number, medical records - and so forth.
Cyber thieves will attempt to steal such information and then use it for fraudulent activities and other crimes, such as selling your information.
Identity theft can be bothersome when, for example, they get ahold of your phone number and, as a result, you receive random calls from salesmen. Such theft is a problem that would be relatively easy to fix.
On the other hand, identity theft may cause tremendous damage and cost you thousands of dollars, and might take months and months to resolve.
Worst case scenarios of identity theft include severe damage to your reputation, missing out on new job opportunities, or rejection of loan applications for your house or the school of your kids. Also, online identity theft can cause serious damage to your credit scores.
People have even been arrested and held in custody - once for more than two weeks! - because criminals used their identities, making the police think that they were the criminals.
In case you haven’t actively started protecting your identity on the internet, you should start doing so today.
What Is Online Identity Theft?
Online identity theft is a serious crime, often aimed at obtaining the personal or financial information of another person. The obtained information is then used for personal gain, often by making purchases or selling someone’s identity or credit card details online to the highest bidder.
Where the pre-modern way of identity theft typically happened when people went through trash cans, looking for information or old bank statements, the modern way of identity theft happens online.
Hackers use various methods to access businesses or website databases and infect or hack an individual’s device in order to obtain sensitive information.
There are five types of identity theft, namely:
When a criminal pretends to be someone else during an arrest in order to avoid repercussions, it’s called criminal identity theft. By doing so, the person tries to prevent discovery of his or her real name and hide potential warrants or prior conviction records.
Financial identity theft applies to a situation where a person’s identity or personal information is misused in order to obtain money, products or other benefits.
Typically, the purpose of stealing financial information is to make transactions or purchases using someone else’s money.
Financial identity theft is the most common type of identity theft.
Medical identity theft applies to a situation where a person pretends to be someone else in order to receive health benefits or free medical care.
Child identity theft applies to a situation where a person uses a minor’s identity for numerous forms of personal gain.
Most commonly, a minor’s name or Social Security number is used to obtain a residence, loans or apply for employment opportunities.
In many cases, the minor’s identity is used by someone close to the minor, like a family member or a friend of the minor.
High-tech identity theft is a type of theft that’s on the rise. In such cases, thieves use technology to get their hands on people’s personal information and use that for fraudulent activities.
This type of identity theft is most commonly used by hackers who exploit vulnerabilities in hard drives and computers. Typically, they hack into computer networks and install malware that provides them access to public records and personal information.
For example, a hacker could install a keylogger on your computer that registers every single thing you do on your computer. It registers entered passwords, usernames, credit card information and more.
The Most Common Methods of Online Identity Theft Scams
There are various methods that scammers use in order to obtain your personal information or credit card details.
I’ve listed the most common methods of online identity theft below.
A phishing scam is a tactic employed by hackers that involves sending emails to thousands of individuals with the purpose of tricking the recipients into performing an action.
Hackers could send phishing emails to random individuals, but it also happens that hackers target specific people in specific companies in order to gain access to company files.
A phishing email tricks the recipient into opening a file, which usually contains some type of malware or redirects the user to a look-alike website.
When the victim enters their personal information, payment information and/or username and password combination, it falls straight into the hands of the hacker.
The stolen information is then used to, for example, register credit card accounts under your name or the information is sold to interested third parties.
It’s incredibly hard to prevent such emails from landing in your inbox. Luckily, there are numerous ways to recognize a phishing email, but you have to be aware of the signs and what to look for.
Read my post on phishing emails if you want to know more about them and how to deal with them.
It’s highly possible to fall victim to identity theft at the hands of hackers. Hackers exploit vulnerabilities in your security systems and find their way into your computer or mobile phone.
Another way to get their hands onto your information is to obtain access to your device by hacking the network you’re logged into.
Imposters are people who hide their real identity and pretend to be someone else.
For example, people could hack into your social media account and impersonate you in order to trick people in your friends list to perform certain actions or provide personal details.
Pharming websites are a bogus version of legit websites. The hacker has access to the website’s server or domain name system and then installs a redirect address. That means that everyone who’s visiting the website is automatically redirected to the bogus version.
Typically, hackers use these bogus versions to trick people into entering personal or credit card information and then use that information to commit identity theft.
Redirection to bogus websites is a tactic often used by phishing emails. A bogus website looks exactly like a website they often use and trust. Once they enter any information - thinking that it’s the real site - it’s sent directly to the hacker.
The hacker could mention something about a payment issue and then redirect you to a bogus version of your bank’s website. So, when you enter your login details, the hacker now has access to your bank account as well.
Remote access scams try to trick you by convincing you that your computer has an issue or that there’s an internet problem. Then, they try to convince you to buy third-party software to fix the issue.
For example, the hacker may phone you and pretend to be an employee of a certain computer or telecom company, working for their technical support department.
Typically, the scammer informs you of error messages, which their system received from your computer or network. Then the scammer will request remote access to your computer to find out exactly what the issue is.
Once the scammer has gained remote access to your computer, they’ll try to convince you to buy new software to “fix” the problem. Obviously, the software will be from an untrusted source and most likely contain malware or severe security vulnerabilities.
Alternatively, the scammer may ask for your personal details, bank account or credit card details.
Skimming is a method used to steal credit or bank card details. The scammers manipulate an ATM machine, so when you use the ATM to withdraw cash, the device will read your credit or bank card information from the magnetic strip on the back of the card.
The recorded information of the card is then transferred to the criminal’s storage device. This way, the scammer is able to make a copy of your card.
When the scammer has successfully copied your card, it will enable them to make online purchases or even withdraw money from an ATM machine in a different location.
This usually happens just moments after you’ve been skimmed.
When a hacker infects your device with malicious software, it often enables them to install new software or gain access to personal information stored on your device.
By doing so, the hacker might gain access to your personal details or other information, which they can abuse to commit identity theft.
Other forms of malware, such as spyware and keyloggers, are capable of logging everything you do on your computer.
Fake Online Profile
Scammers apply various different tactics to scam people on social media and other online platforms.
On social media, a scammer may create a fake profile and pretend to be working for a bank, insurance company, sales function or something similar.
The scammer then starts sending messages to people about their bank account issues, payment issues or some type of discount offer. These messages often contain a link to a (malicious) website to confirm your account or a form that asks for your personal information or payment details.
Obviously, if you visit the website and download a file by clicking the confirmation button, or enter sensitive information, the hacker will receive all your data.
Alternatively, scammers create fake profiles on dating and romance websites and try to contact people that way.
In most cases, the scammers will lure their victim into a fake online relationship and express strong emotions towards them. This way, the scammer tries to build trust and affection.
When they’ve won their victim’s trust, they will ask for financial help, gifts, personal information or credit card details. They can also ask you to send nude or revealing pictures, which they can later use to blackmail you.
How to Protect Yourself from Online Identity Theft
As mentioned before, it might be relatively easy to recover from simple cases of identity theft. However, it can be incredibly frustrating and difficult to overcome the more extreme forms of online identity theft.
The worst thing is, most of the time, you’re not even aware of how or when it happened. Therefore, it’s best to always take a proactive approach to protecting your online identity.
Here’s how you can protect yourself from online identity theft.
Antivirus & Anti-Malware Software
The first step to protecting your online privacy is to install good antivirus software. Good antivirus software will disable most types of malware and prevent hackers from infecting your device with spyware or keyloggers.
Anti-malware software will serve as an extra layer of protection in case the antivirus failed to recognize a malicious file.
For more information on the best antivirus software, check out my latest post on that topic.
Always Install Latest Software Updates
It’s essential to keep your systems up to date because software developers patch out any potential vulnerabilities in their software by releasing updates.
If you don’t update your software, you leave the door open to hackers, and the risk of falling victim to a hack is higher.
Hide Your PIN When Using ATMs
When you withdraw cash from an ATM machine, make sure to hide your PIN. It could be that there’s someone watching over your shoulder without you even realizing it, or there’s a little camera installed to register the PIN you enter.
Simply make sure you’re on the safe side!
Safe Online Shopping
Always make sure to do your online shopping on a secure and trusted website. To do so, you can check whether a website has an encryption security system installed. You can recognize this from the “s” in “https” and the green padlock next to the address bar.
Be Cautious of Phishing Scams
The phishing method is an old method of conducting online scams and identity theft, but the method is being improved constantly to mislead the victims.
The most important aspect of phishing emails is to be aware of the signs that tell you it’s a phishing mail.
Make sure to read my guide on how to recognize phishing emails and how to deal with them.
Strong & Unique Passwords
Make sure to choose a good password for all of your accounts. If you’re struggling to come up with a strong password, tools like LastPass Password Generator can help you out.
But remember, never reuse passwords between different accounts!
It’s almost impossible to remember different passwords for every account. Therefore you can use the tool I just mentioned, “LastPass,” to store your username and password in a safe environment.
Check out my post about creating a strong password for more information.
Never Provide Sensitive Information Over the Phone
If you ever receive a weird (and often unexpected) call from an identity thief, don’t be fooled by the tone or the story. If you didn’t initiate the call, never provide any sensitive information over the phone - especially not your credit card details.
Banks and credit card companies often send out messages stating that they would never ask you to provide sensitive information over the phone.
Protect Your Smartphone
As well as protecting your computer, every smartphone owner should be cautious with their device and install security software.
iPhone owners are less likely to experience a breach due to the security infrastructure that Apple used to build their phones. But Android users should be more careful - don’t download apps from unknown sources.
Make sure to read my guide about how to protect your Android phone and how to remove malware.
Don’t Click on Links
Never open suspicious emails in your inbox. When you accidentally open a suspicious email anyway, make sure to never click on any of the links or attachments in the message!
Protect Your Social Security Number
Protecting your Social Security number is one of the most important things you need to do to protect your online identity, because your Social Security number can be used for various purposes.
A cyber thief could potentially open a new credit card account and make purchases with it. It’s important to never use your Social Security number as a password, never send it over email or any other message provider and never store it on your computer or smartphone.
Check Your Bank Account & Credit Card Payments Daily
It’s important to keep track of your daily balances. Many banks and credit card providers have an option to enable alerts that will notify you of any activity on your account. So, even though you make a purchase yourself, you’ll be notified of a reduction in your funds. That means that when you unexpectedly receive such a message, it’s highly likely that your account has been compromised. If so, you must take immediate action.
Also, make sure to be aware of the policies that are in place of the financial institutions you’re using, so when something happens, you know what to do.
Have You Fallen Victim to Online Theft?
Although you’ve done everything you could to protect your online identity, it’s still possible to fall victim to a scam.
Once you find out your identity or other personal data has been compromised, it’s important to follow the next steps:
Step #1: Notify your bank and other relevant financial institutions
Step #2: Change all your passwords on all your accounts (especially the compromised one)
Step #3: Scan your computer with antivirus and anti-malware software
Lastly, it’s important to contact the Federal Trade Commission and credit unions. They will flag your account with a fraud alert, so the cyber thieves won’t be able to make any other purchases or cause further damage.
What We Have Learned
Unfortunately, now you know that identity theft is a real threat and there’s a realistic chance of falling victim to online theft - especially if you don’t take any precautions.
First and foremost, it’s important to be smart while using the internet - don’t just blindly input personal information or payment details on any given website.
The top 5 key things to do in order to protect yourself against online identity theft are the following:
Install antivirus & anti-malware software
Install latest software update for your device
Use “https” websites
Be wary of phishing emails
Use strong and unique passwords
While online identity theft continues to rise, you can protect and prevent the scammers from affecting your life by becoming more aware of their methods and learning how to protect yourself from them.
For now, make sure to take action to defend yourself better, and also become a regular visitor of my site in order to keep yourself updated with the latest security news, issues, tools and tips.