Identity theft is one of the quickest growing crimes in America, affecting approximately 7–10 million people every single year. To put it simply, identity theft is the act of using someone else’s personal information or identity for personal gain. In most cases, it happens without the victim even realizing it until it’s too late and usually after a lot of damage has already been done.
In this article, we will cover the following topics
Types of Identity Theft
There are generally two categories of identity theft. The first of these is known as Account takeover. This happens when an identity thief gets hold of your actual physical credit card, or the credit card number and expiry date, and uses this information to purchase services or products. The victims, in this case, don’t usually notice the additional purchases until they either receive their monthly statement in the mail or attempt to use their card only to realize that it has reached the maximum limit allowed.
The second category of identity theft is called Application fraud, also popularly known as “true name fraud”. This happens when an identity thief gets hold of a good deal of your personal information such as your Social Security Number (SSN), full name, address, place of work, driver’s license number, date of birth, etc. They will then use this information to apply for loans or open new lines of credit or bank accounts.
Popular examples of Identity Theft include:
1) Mail Identity Theft.
When an identity thief illegally accesses your mail to gather information about you. This information is then used to carry out other forms of Identity Theft attacks.
2) Driver’s License Identity Theft.
When an identity thief gets hold of your driver’s license, they can then use this falsely at a traffic stop to avoid a citation. This will result in the citation showing up on your driving record.
3) Social Security Number Identity Theft.
When an identity thief gets a hold of your Social Security Card or number and uses it to open Lines of credit or open fraudulent bank accounts in your name.
4) Senior Identity Theft.
When an identity thief takes advantage of vulnerable seniors often posing as someone from IRS or Medicare office to gain access to their personal information.
5) Child Identity Theft.
When an identity thief uses a child’s personal information to rack up debt in the child’s name, the victims don’t usually realize it until they are old enough to apply for loans.
6) Tax Identity Theft.
When an identity thief uses your information, such as SSN, to falsely file a tax return in your name and collect the refund.
7) Medical Identity Theft.
When an identity thief illegally uses your information to receive medical services or benefits.
8) Synthetic Identity Theft.
When an identity thief blends together personal information stolen from a variety of people to create new fake identities that look like real consumers with great credit.
9) Stolen or Lost Passport.
When an identity thief gets hold of your stolen or lost passport and sells it on the dark web.
10) Internet of Things IoT Identity Theft.
When an identity thief gains unauthorized access into one of your connected smart home devices to steal personal information.
Popular Identity Theft Techniques.
Some popular Identity Theft Techniques include:
1) Dumpster Diving
Many people tend to discard things such as credit card statements, bills with account numbers, credit limits, contact information, and all other types of personal information on them in the trash.
Determined identity thieves can go digging through your trashcan to find what they’re after. You can imagine all the damage they can do if they get their hands on sensitive information on documents that you threw away. They can open new credit card accounts, apply for mortgage loans in your name.
2) Mail Stealing
Mailboxes are holding locations for documents that contain a lot of personal information. Sophisticated identity thieves can print some bogus flyers and pose as someone delivering them to your mailbox. Your mailbox can provide them with newly issued credit or banking cards, a new batch of checks for your personal or business accounts, investment reports, insurance statements, tax information, and bank statements.
3) Shoulder Surfing.
This includes identity thieves smartly watching over your shoulders when you input sensitive information in forms or online applications or watch you discreetly when you are keying in your ATM pin.
4) ATM Skimming
Identity thieves have become experts at creating inexpensive, homemade skimming devices that attach to ATM card readers; this allows them to collect hundreds or thousands of card numbers in a very short period. There are two different types of commonly used devices: one that interferes with the customer’s ability to use the ATM machine successfully, and one that doesn’t. The type of device that interferes with the normal operating ability of the machine is generally easier to recognize.
Identity thieves will look for an ATM that they can alter the face of and build an attachment for. In some cases, they may use a fabricated metal container of sorts that would fit onto the existing machine and may have a small laptop computer inside that would prompt the customer to use a touch screen. The customer thinks they are using the ATM’s actual keypad. In some cases, it may also offer an alternate card reader next to it. With a small, undetectable camera recording your PIN as you enter it attached to or near the ATM, the thief will steal all the information they need to access your account once you have finished attempting to process your transaction.
The second type of skimmer that does not interfere with your transaction process is most commonly found on banking machines that require you to swipe your card through an external, raised slot, and not the ones where you manually slide your card into the actual machine in which the reader’s head is buried inside the unit. This is because external readers are much more accessible to thieves, and the skimmer can be placed directly on top of the actual reader strip. As a customer, you can still make withdrawals while the thief steals your information. These types of devices are very difficult, if not impossible for the untrained eye to identify. ATM banking machines are not the only devices at risk when it comes to skimming. A skimmer can be attached to any system with an external reader, such as the one you use to pay your bill at the grocery store, gas station, department store, or restaurant.
5) Check Fraud.
Though the use of checks has significantly declined over the years, check fraud continues to be one of the most popular identity theft techniques. Identity thieves with access to your personal information can create counterfeit checks in your name. They may also choose to open up a checking account in your name, using it to write bad checks and accumulating a load of debt that will appear on your credit report.
6) Telephone Scams.
Almost everybody at some point has been exposed to this type of scam when a caller claims to be from the IRS or Medicare or Student loan Services and scams and asks you for personal information such as credit cards or Social Security Numbers. The number of people falling victim to this scam is staggering. This type of scam is very commonly targeted towards Seniors.
7) Phishing.
In this type of attack, identity thieves plant bait and lure unsuspecting victims into providing confidential and personal information. Phishing scams have been around forever; what has changed about them is simply the route in which the scam is delivered. Before the computer, phishers used the telephone; however, the vehicle of choice is the internet in this day and age.
Messages such as the ones below are all examples of actual phishing scam messages sent via email or by way of pop-up messages.
“We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity.”
“During our regular verification of accounts, we couldn’t verify your information. Please click here to update and verify your information.”
“eBay requires you to update your account information.”
“PayPal account renewal required”
“Bank of America security alert”
“$20 Reward Survey, Chase Manhattan Bank”
“Please update your bank account”
“JC Penny gift card offer confirmation”
“American Red Cross/Hurricane Katrina Relief”
It is common for the phisher to use the name of a well-known, reputable business, organization, government agency, or financial institution that you perhaps deal with. The goal here is the give the fake message an air of legitimacy.
In some cases, Phishers will threaten you with severe consequences if you do not respond. Messages will ask you to update, validate, or confirm certain personal or account information and direct you to a website to complete the process. These websites tend to look very identical to the actual website of a legitimate organization.
How to prevent Identity Theft and avoid becoming a victim?
There are some necessary simple steps that you can take to prevent Identity Theft and significantly reduce your chances of becoming a victim. These include
1) Protecting Your Mail
Always make sure that every single piece of mail with any identifying information on it is shredded before you throw it away. Simply tearing it into a few pieces is not adequate protection. This only provides the thief with a reasonably basic jigsaw puzzle to your most valued information. Invest in a small shredder for your home. These are very inexpensive, especially when you consider that the minimal cost of the item could save you hundreds or thousands of dollars in the long run, not to mention a massive headache. If you can’t purchase one yourself, then take your mail to work with you and use the shredder in your office.
A locked mailbox will not wholly guarantee your protection from identity thieves, but it certainly may help dissuade their attempts to steal your mail. Look into purchasing a mailbox with a slot in the top for the mail to be slid into but where you need a key to remove it. This way, if your mailbox is broken into, you will at least know it right away and will perhaps be able to notify creditors, banks, and other companies before any real damage is done.
2) Safeguard Your PIN and ATM/Credit Card
Always make sure you are aware of where your ATM or credit card is at all times. When you hand your card to the cashier or the server at a restaurant, is that card ever out of your sight? Does it disappear for a moment underneath the counter while it’s in their hand, or is it left to sit on the far side of the counter until the transaction is approved? You may not be able to prevent the fact that the server needs to take your card with them to process it, but you can certainly be more aware of situations like this when they do occur.
Now that you know what ATM skimming is, you can be more aware of machines that don’t seem quite right. If a machine looks as though it has been altered or tampered with in any way, simply do not use it. If a machine has a sign posted on it telling you that the ATM instructions have changed or that you should swipe your card “here” first before inserting it into the reader, or something to that effect then it’s not a machine you should be using. No bank is ever going to post instructions such as these. Never give your PIn to anyone
If your card is not returned to you once you have completed the transaction or pressed the cancel button, contact your financial institution immediately.
Some Additional Preventative Measures are:
- Check your bank and credit card statements regularly and carefully to ensure no unauthorized transactions.
- Protect Your Personal Information
- Never provide anyone with information that they do not need regardless of what they claim their reason is for requiring it. Always keep in mind what one can do with a few critical pieces of information, such as your SSN or driver’s license number.
- Be mindful of who around you might be listening to your conversation when speaking either on the telephone or to someone in person and providing them with personal information.
- Never use your date of birth, SSN, or driver’s license number on job applications or resumes.
- Avoiding a Phishing Scam.
- Always use good anti-virus software and a firewall to prevent phishing emails from tracking your internet activities
- Never email personal or financial information – email is not a secure method of transmission
- Immediately delete any emails that appear to be fraudulent.
- Be cautious about opening any attachments or downloading files from email regardless of who is sending them.
- Do not reply to or open any links that are provided in phishing emails
- If you are concerned about an account that is referred to in an email, you are best to physically telephone the company whom the email is claiming to be from and ask them personally if there is a problem.
- Keep an eye out for bad grammar and misspelled words in phishing emails.
- Legitimate businesses and financial institutions are not likely to ask for personal information via email.
- When accessing a website, be sure that the site you are visiting is secure. Look for a lock icon on the status bar or a website that begins with HTTPS: (the “s” stands for secure).
- Ensure that all of your accounts require passwords to make changes or inquiries to them. Take advantage of Multifactor Authentication wherever available.
- When choosing a password, make sure you pick complex passwords (do not use family or pet names, etc.), do not use the same passwords for each account. A good solution here is to use a password manager.
- Avoid carrying your Social security card everywhere with you. Please keep it in a secure location only accessible by you.
- Make sure to go over your credit card statements regularly to ensure that all the information on them is accurate and that there has not been an unauthorized transaction.
What to do if you have become a victim of Identity Theft?
Sometimes, even though you have taken all of the precautions and care to protect yourself, you may become a victim of Identity Theft.
The most important thing here is to stay calm. Instead of losing time pondering over why it happened, you need to take charge and fix the situation.
Some steps you can Take to Recover Your Identity and Line of Credit are:
- Cancel all of your credit cards, debit cards and have new ones issued
- If your passport has been stolen, follow the US Department of State recommendation and report it lost or stolen (reporting it as lost or stolen)
- If your mail has been diverted, contact the post office.
- Apply for a new driver’s license
- Advise all of your utility companies (including home telephone and cellular service providers) that someone using your name may attempt to open unauthorized new accounts
- Contact the fraud departments for each of the three major credit bureaus to ensure that your credit reports reflect the case of identity theft and follow up with them after a couple of months to ensure that someone has not tried again to use your identity. This will also ensure that your permission is received before opening any new types of credit accounts
- Ask the credit bureaus for copies of your credit report so that you may carefully review them and ensure that no fraudulent loans or accounts exist.
- Notify your bank of stolen or misplaced checks, ensure a stop payment order is placed on them, and contact the major check verification companies requesting that they notify retailers using their databases not to accept the lost or stolen checks
- Contact the Federal Trade Commission who will assist you as a victim by providing information that will help you resolve any financial issues or other problems resulting from your identity theft.
Understanding your liability as a victim of Identity Theft
Let’s now discuss your liability as to the victim of identity theft depending on the specific situation.
1) Credit Card Liability
If you have been the victim of credit card identity theft, you may take some comfort in the fact that credit card liability is limited to $50. If you report the credit card lost before it is used, then you cannot be held accountable for any unauthorized charges that occur after that time. However, if the identity thief uses your card before you have reported it missing or stolen, the maximum amount you will be charged is $50. The same rule applies even if the credit card is used at an ATM to withdraw cash.
Beware of telemarketers who call to sell you “loss protection” insurance for your credit cards. These callers may trick you into believing that should your card be lost or stolen that you will be solely responsible for any charges made to it if you do not have the “loss protection”.
2) ATM and Debit Card Liability
Unfortunately, ATM and debit cards do not offer nearly the amount of protection that credit cards do in cases of loss or theft. In cases of Debit cards or ATM card theft, time is truly of the essence. When and if you notice a discrepancy, it is in your best interest to report it immediately to the issuing office. If you report the missing card before being used, your financial institution cannot hold you liable for any unauthorized use. If you report the incident within two business days of the loss, your liability is capped at $50. In cases where the report is made anywhere after two business days and before sixty days, you will be held liable for up to $500 of what the identity thief stole from you. If a victim were to wait more than sixty days, they could potentially lose everything that was stolen prior to reporting the card missing.
3) Check Liability.
In most cases, you would not be held liable in the situation of forged checks as the majority of states hold the bank accountable. However, this doesn’t mean that you have no responsibility in this situation. If you are negligent in notifying the bank within a reasonable amount of time that a check had been lost or stolen, or if you fail to monitor your account for unauthorized transactions, then the liability may well rest with you.
4) It’s Your Responsibility.
Always remember that it is your responsibility, do not be under the assumption that when or if identity theft hits you, the responsibility lies with someone else. It certainly may not be your fault when it happens, but you will be held accountable if you allow it to continue and assume that someone else will look after the mess. It’s your responsibility to protect your financial fate, security, and credit rating. Always take precautions, monitor your accounts, and act quickly if identity theft does occur. A prompt and efficient response to the matter is the best way for you to minimize your loss.
Conclusion
Remember that anybody can become a victim of identity theft. No one is entirely immune to it. However, if we are careful and cautious and do our part in securing our personal information and increasing our awareness of the various techniques that identity thieves use and how we can protect ourselves against them, we can significantly reduce our chances of becoming a victim.
Interested in kickstarting your career in Cybersecurity no matter your educational background or experience? Click Here to find out.
