Sometimes people use the phrase identity theft and identity fraud interchangeably. However, two different processes are involved with these phrases. Identity theft is when identity thieves steal Personally Identifiable Information (PII). PII includes such things as your name, address, Social Security number and email address. Whereas identity fraud is the unauthorized use of stolen PII to achieve financial gain. This can range from using a stolen payment card account, fraudulent purchases, taking control of existing accounts as well as opening new accounts. Personally identifiable information is highly valuable to identity thieves. For example, according to the 2018 Identity Fraud Study there were 16.7 million U.S. victims in 2017 with $16.8 billion dollars stolen.
PII—Highly Valuable to Identity Thieves
Identity thieves use stolen personally identifiable information for their own purpose, and then either sell it on the dark web or post it online for all to see. Additionally, there is no age limit to becoming a victim. For instance, CNN reported that the personal details of children, including Social Security numbers, mother’s maiden name and date of birth were found for sale on the dark web.
It’s equally important to note that not just individuals are at risk for identity theft/fraud. Business identity theft is also commonplace as criminals hijack company websites and phone numbers.
How Identity Thieves Steal
It’s important to realize that Identity theft can happen to anyone. Here are a few ways in which identity thieves may steal your information.
- Data Breaches
- Unsecured Websites
- Public Computers
- Social Networks
- Dumpster Diving
- Pharming or DNS poisoning
- Tombstone Theft
Equifax Data Breach
Recent data breaches have left millions vulnerable to identity theft and fraud. In fact, over 145 million Americans were affected by the 2017 Equifax data breach. The PII stolen; Social Security numbers, date of birth, credit card numbers, driver’s license numbers and telephones numbers are the type of information identity thieves want to confirm identity for various types of applications. As reported by the Washington Post, criminals are using the stolen information to apply for mortgages, credit cards and student loans.
Social Networking Sites
Social identity theft/fraud is now epidemic. As a matter of fact, tens of millions of fake accounts now permeate social media sites. Stolen identities; names, photos, personal information provide the raw material for bots or automated accounts. The New York Times reported in January, 2018 that an American company named Devumi collected millions of dollars in a murky global marketplace for social media fraud. According to the report, “Devumi sells Twitter followers and retweets to celebrities, businesses and anyone who wants to appear more popular or exert influence online”.
In addition, social identity theft is also making headlines in the world of politics. As reported by the Washington Post, two Frenchmen are going on trial Wednesday March 14, 2018 for allegedly stealing Emmanuel Macron’s online identity when he was running for president in the 2017 election. Cyber espionage groups and state sponsored hackers have also stolen photos and personal information from real people to create fake personas. Mia Ash is just one example.
The Example of Alexandre Martinez
However, this type of social identity theft is not just happening in the world of spies, espionage, politicians and celebrities. Consider the case of Alexandre Martinez. Over a period of five years, Spas Visiliva, stole Mr. Martinez’s name, personal information and photos from his social media account and used it to create multiple fake online identities. As a result, Mr. Martinez became well-known in Bulgaria as ‘Alexandre Nicolov’, a rich and successful manager, landing top jobs at multinational corporations and consultancy firms including Airbus. He also had a large online following including journalists and politicians. After patiently waiting years for trust to develop with “Alexandre Nicolov’s” online followers, Spas Visiliva, initiated a ponzi scheme, offering discounted flights through Facebook.
Phishing for Apple IDs
Apple IDs are hot commodities. According to Proofpoint, Apple IDs are the #1 target for credential theft emails. For example, most Apple ID’s connect to a credit card or bank card. Therefore, keeping it secure is as important as protecting the safety of your financial accounts. With a stolen Apple ID a criminal can get access to the linked iCloud account with the potential for identity theft. This particular phishing email targeting IPhone users was reported on in October, 2017.
What You Can Do
There is no 100% sure fire way to protect yourself from identity theft and fraud. However, by being observant and protecting your personal information you can reduce the risk. The Federal Trade Commission recommends these 4 steps:
- Know who you share your information with.
- Store and dispose of your information securely, especially your Social Security number.
- Ask questions before deciding to share your personal information.
- Maintain appropriate security on your computers and other electronic devices.
Be observant for these clues:
- You don’t get your bills or other mail.
- You get notice that your information was compromised by a data breach.
- Medical providers bill you for services you didn’t use.
- You find unfamiliar accounts or charges on your credit report.
- The IRS notifies you that more than one tax return was filed in your name, or that you have income from an employer you don’t work for.
The Identity Theft Resource Center has an excellent fact sheet describing how social identity theft happens. Eight points are:
- Using low privacy or no privacy settings.
- Accepting invitations to connect from unfamiliar persons or contacts.
- Downloading free applications for use on your profile.
- Giving your password or other account details to people you know.
- Participating in quizzes which may require you to divulge a lot of personal information.
- Clicking links that lead you to other websites.
- Falling for email scams (phishing) that ask you to update your social networking profiles.
- Using no or out-of-date security software to prevent malicious software from being loaded onto your computer and stealing personal information.
If You Are a Victim of Identity Thieves
If you think you are a victim of identity theft or fraud you can report it at the Federal Trade Commission Identity Theft webpage. You can also protect yourself by looking into identity theft protection from Life Lock
One last reminder. The transition to digital documents may make dumpster diving seem old-fashioned and past its heyday. However, it still poses a very real risk for individuals and companies. This video shows what can happen when you throw away mail that contains sensitive information.
Original Source YouTube