Identity Theft Stats, Facts and Figures for 2020

Your personal information, and that of nearly every other consumer in the world, resides on numerous servers around the globe. This makes you, and everyone else, vulnerable to identity theft.

Data theft continues to be a big problem, although there has been some good news on that front over the last few years. Javelin Strategy reports that the number of U.S. identity theft victims dropped by 15% in 2018, compared to 2017.

However, identity theft remains a big business, and Javelin Strategy also found that children are increasingly common targets of identity fraud. Over 1 million children were victims of ID theft in 2017, resulting in total financial losses of $2.6 billion and over $540 million in out-of-pocket costs to families.

In this article, we’ll take a look at statistics, facts and figures related to identity theft & bank fraud in recent years. I do this in the hope that this gives my readers a better idea of how and why identity theft continues to be a pressing problem for individuals, businesses and more.

Identity Theft Statistics

• There were 9,600+ reported data breaches in the 2008 to 2019 timeframe. Over 10 billion records were stolen during that period.
• Just 5.66% of U.S. consumers were victims of identity fraud, down from 2019. Adoption of EMV chip-based credit cards helped contribute to the decline, as they cannot be copied by card skimmers.
• A 2017 Equifax data breach exposed the Social Security information, birthdays, addresses and more of 143 million U.S. residents.
• Nearly 58,000 websites were compromised by formjacking in 2018. Formjacking is when bad guys inject a script to skim credit card numbers entered in forms on online shopping and other types of sites.
• Account takeovers – which is when the bad guys gain access to an account and change the contact and security information – increased 61% during 2015. However, they dropped between 2017 and 2018, with losses decreasing from $5.1 billion to $4 billion.
• Mobile account takeovers increased in 2018, with 679,000 mobile account takeovers, versus 380,000 in 2017.
• Users with an active social media presence run a 30% higher risk of becoming fraud victims, due to increased online exposure.
• The most compromised social network during 2018 was Facebook. Among multiple incidents was a breach caused by a coding vulnerability that allowed hackers access to tokens for 50 million accounts, which they could use to view user account information.
• Most identity theft complaints come from folks between the ages of 30 and 59 (accounting for 61% of all complaints).
• 75% of unprotected Wi-Fi hotspot users fail to use a VPN to protect their connections, despite the additional protection a VPN offers.
• 60% of consumers believe their personal information is safe when using public Wi-Fi. (It’s not.)
• 87% of users have left their personal information exposed by using public Wi-Fi to access email or to connect to banking and other financial websites, without VPN protection.
• 43% of adults surveyed admit to online shopping while connected to public Wi-Fi.
• 55% of users surveyed admit they would trade something for access to free Wi-Fi. 8% would share personal information, and 7% would share access to their personal emails.
• This one doesn’t have anything to do with security, but was fascinating to me: 1 in 6 survey respondents admit to using public Wi-Fi to watch “adult content” in the following locations: 30% at a cafe/restaurant, 29% at work, 25% at an airport, 24% on the street, and 17% at a public library. Really, people?
• One of five people surveyed believes stealing information online isn’t as bad as stealing “real life” property.
• Data from the FTC and law enforcement agencies indicate identity theft represented 13% of the over 3 million criminal complaints recorded in 2016.
• 31% of small businesses are not actively taking measures to defend against data breaches and hacking.
• Equifax Canada says millennials are the top target for bad guys, as nearly half of fraudulent applications are for folks between the ages of 18 and 34.
• Less than half of consumers “always” use a secure password.
• 33% of those surveyed admit to sharing their account login information with other parties.
• Of those sharing passwords, on average they have shared it for two accounts – mostly email (55%), streaming (29%) and social media (43%).
• 36% of password sharers have shared the password to their online bank account information.

Top Targets for Cyber Criminals: Credit Cards and Social Security Numbers

Credit card fraud has been a problem ever since the first American Express and Bank Americard (later called VISA) credit cards were issued in 1958. However, with the debut of e-commerce in the 1990s, “Card Not Present” (CNP) credit card fraud became easier than ever.

When the first Social Security numbers were handed out in 1936, they were originally intended only to track the earnings history of U.S. workers for Social Security entitlement programs. Since then, the numbers have become a nearly universal identifier, making them attractive to identity thieves.

Credit Card and Social Security Fraud Stats

• Fortune reports that credit cards account for most instances of identity fraud.
• A 2018 study by the Federal Reserve showed the amount of card-present credit card fraud in the U.S. declined from $3.68 billion in 2015 to $2.91 billion in 2016. Meanwhile, card-not-present fraud jumped from $3.4 billion to $4.57 billion during the same period.
• A 2018 study by Javelin Strategy & Research said CNP fraud is 81% more likely to occur than in-store (card-present) fraud.
• Fortune reports that credit cards account for most instances of identity fraud.
• Credit card fraud is now the second-most reported type of identity theft in the U.S., accounting for 33% of all fraud reports.
• Card fraud in 2019 accounted for $32 billion in financial losses.
• Most Social Security-related identity theft targets tax- or wage-related fraud, making up 34% of all identity data theft complaints.
• Over 25% of identity theft complaints are related to recently-opened credit card accounts. A mere 7% is related to existing card accounts.
• New Account Fraud losses were $3.4 billion in 2018, up from $3 billion in 2017.
• 60% of data breaches during the first half of 2017 involved the exposure of Social Security numbers.
• Amazingly enough, 13% of U.K. consumers believe there is nothing wrong in using someone else’s credit card without their permission to shop online!

How Can You Reduce Your Chances of Identity Theft?

While you can’t keep yourself 100% free of the risk of identity theft, you can take steps to greatly reduce your risks and increase your online protection. Here are some key common sense tips on how to be safer:

• Always use a unique, secure password for each account. A secure password is considered to be at least 8 characters (the longer, the better), and be made up of upper-case and lower-case letters, numbers and special characters when allowed.
• If you’re like most users, you’ll have a hard time remembering a unique password for each account, and may be tempted to write them down or store them in a text file or spreadsheet. Don’t do that. Use a password management program, such as 1Password, Dashlane or LastPass. All three of these password managers save your passwords in an encrypted database and can autofill your password information into websites and apps. They also sync your password info across all of your connected devices, so it’s always there when you need it.
• In addition to secure passwords, use Two-Factor Authentication (2FA) whenever possible. 2FA adds another layer of authentication to logins, requiring a piece of information only you would know (such as a code generated by a trusted app on your device), or have at hand, such as your fingerprint. (See what I did there?)
• When you are accessing your bank accounts, credit card info, shopping online, or are engaged in any sensitive online activity, protect your activities from prying eyes by using a Virtual Private Network (VPN). A VPN encrypts your internet connection, preventing any third parties from electronically eavesdropping on your connection. This is especially important when you are using unprotected public Wi-Fi hotspots, such as at your local coffee shop.
• Don’t open suspicious-looking emails. While Gmail and other mail services offer efficient spam filters, they can’t catch everything. Don’t open any emails from unknown senders, and be wary of clicking on any links or opening any attachments sent with the email. Even if the link or attachment is sent from what appears to be a trusted sender, be wary. Contact the sender independently to make sure they included the link or attachment. Also, there are no Algerian princes who want to share their fortune with you, and that email promising a free trip to Hawaii is also likely a scam.
• Avoid “too good to be true” offers or contests on social media. If an offer doesn’t come from a reputable, official company page, be very wary.
• Always monitor your financial information & accounts for suspicious activity. If you see activity you didn’t do, report it immediately. Even if the suspicious activity is just a small charge to your credit card statement or bank account, report it. The bad guys will often charge a small “test” amount to ensure the credit card works or that they have access to your bank account numbers and financial information.
• Keep an eye on your credit reports, your credit score as this can highlight identity thieves if they apply for credit on your behalf. Your credit history is important to an identity thief.
• Always keep your software updated. Whether it’s your computer or mobile device’s operating system, your bank’s app, or your anti-malware or antivirus app, keep it updated.

In Closing

As you can see, the financial impact of identity theft is a growing problem that isn’t going away any time soon. While you can’t 100% ensure that your identity won’t be stolen in one of the ways I’ve discussed in this article, you can take steps to lower your risk of identity theft.

Identify Theft Q&A