Identity Theft

What is Identity Theft?

Identity theft is a type of fraud in which an individual’s personal and sensitive information is stolen and used by someone else without the former’s permission or knowledge. When committed as a cybercrime, the impact of identity theft is elevated to a global level, capable of incredible damage to the victim.  Identity thieves aim to gain financial benefits or commit other fraudulent activities while impersonating the victim.

Types of Identity Theft

Identity theft can take various forms, with criminals using stolen personal information for different purposes, such as the following:

• Financial Identity Theft: This is the most common type of identity theft. It involves the unauthorized use of a victim’s financial information, such as credit card numbers, bank account details, and Social Security numbers, to make fraudulent transactions, open new accounts, or obtain loans or credit in the victim’s name.
• Criminal Identity Theft: In this scenario, an identity thief uses the victim’s identity when interacting with law enforcement, typically during arrests and investigations; this can result in the victim facing criminal charges or having a criminal record falsely attributed to them.
• Medical Identity Theft: Medical identity theft occurs when someone uses another person’s personal information to obtain medical treatment or prescription drugs, or file false insurance claims; this can lead to incorrect medical records and billing issues for the victim.
• Tax Identity Theft: In tax-related identity theft, fraudsters use a victim’s Social Security number to file fraudulent tax returns, claiming refunds or tax benefits that don’t belong to them. A victim may only discover this when attempting to file legitimate tax returns.
• Child Identity Theft: Identity thieves may target children because they often have clean credit histories. The thief might use a child’s Social Security number to open credit accounts or commit other forms of fraud, and the child may not discover this until they become adults and attempt to establish their own credit.
• Senior Identity Theft: Older adults can be particularly vulnerable to identity theft. Scammers may target them with various schemes, including fake investment opportunities, Medicare or healthcare fraud, or phishingWhat is Phishing?Phishing is a type of cyberattack in which attackers send fraudulent communications, or direct people to counterfeit websites in order to trick those individuals into revealing sensitive information,… More scams.
• Social Media Identity Theft: Some identity thieves gather personal information from social media profiles to impersonate individuals or steal their online accounts, potentially leading to cyberbullying, harassment, or further identity theft.
• Employment-Related Identity Theft: Individuals sometimes use stolen identities to gain employment; this can result in issues for both the victim and the employer when discrepancies in employment records and taxes arise.
• Synthetic Identity Theft: This form of identity theft involves creating a new identity by combining genuine and fake information. Criminals may use a valid Social Security number but pair it with a false name, date of birth, and other details.

Tools and Tactics used to steal identities

Identity thieves operate both online and in the physical world, using various techniques to gather information.

• Phishing and Scams: Scammers may use phishing emails or phone calls to trick individuals into revealing their personal information, including login credentials and financial details.
• Misrepresentation: An online criminal may claim that they are a relative, or an acquaintance of a friend in order to gain information.
• Skimming devicesWhat are Skimming Devices?Skimming devices are illicit tools used to capture data from magnetic stripe cards, allowing criminals to clone or misuse card information for fraudulent purposes. Understanding skimming devices… More: Criminals have devised clever mechanical devices to steal credit card and ATM card information from Point of Sale (PoS) terminals at markets, banks, and other merchants.
• Mail Theft: Stealing physical mail containing sensitive information, such as bank statements or credit card offers, can provide identity thieves with the necessary data to commit fraud.
• Shoulder Surfing: Criminals are known to photograph credit card information or other pieces of identification in order to commit identity theft.
• Dumpster Diving: Criminals will sort through dumpsters, or residential garbage pails to find documents that can aid them in building the information necessary to steal an identity.

Protecting yourself against identity theft

To protect against identity theft, keep the following best practices in mind when online:

• Use Strong, Unique Passphrases:
  • Create unique passphrases for each online account.
  • Avoid using easily guessable information like birthdates or common words.
  • The best way to manage all the passwords is by using a reputable password manager to generate and store your passwords securely.
• Enable Multi-Factor AuthenticationWhat is Authentication?Authentication is the process by which the identity of a user or system is verified. It ensures that the entity attempting to access a resource is who or… More (MFAWhat is Multi-Factor Authentication?Multi-Factor Authentication (MFA) is a robust security method that enhances digital identity verification by requiring users to provide multiple authentication mechanisms before gaining access to a system,… More):
  • Whenever possible, enable MFA for your online accounts. This adds an extra layer of security by requiring a second verification method, such as a one-time code sent to your mobile device.
• Beware of Phishing Attacks:
  • Be cautious of unsolicited emails, text messages, or phone calls that request personal information.
  • Verify the sender’s identity, and verify that the sender included any links or attachments before clicking on anything in emails.
  • Check for signs of phishing, such as misspellings, suspicious email addresses, and urgent requests for information.
• Regularly Update Software and Devices:
  • Keep your operating system, anti-malware software, web browsers, and applications up to date with the latest security patches.
  • Enable automatic updates whenever possible.
• Secure Your Wi-Fi Network:
  • Use a strong, unique password for your Wi-Fi network.
  • Enable WPA3 encryptionWhat is Encryption?Encryption converts readable data (plaintext) into a scrambled and unreadable format (ciphertext) using an algorithm and a key. The primary purpose of encryption is to ensure the confidentiality… More for enhanced security.
  • Change the default router login credentials.
• Protect Personal Information:
  • Limit the amount of personal information you share on social media and other online platforms.
  • Be cautious when sharing personal information with websites and only do so on secure, reputable sites.
• Monitor Your Financial Accounts:
  • Regularly review bank and credit card statements for unauthorized transactions.
  • Set up account alerts to notify you of unusual or suspicious activity.
• Use Secure Connections:
  • Only enter personal information on websites with “https://” in the URL, indicating a secure connection.
  • Avoid using public Wi-Fi for sensitive activities like online banking or shopping unless you use a Virtual Private Network (VPN).
• Be Cautious with Personal Documents:
  • Safeguard physical documents containing sensitive information, such as passports, Social Security cards, credit and ATM cards, and tax records.
  • Shred sensitive documents before disposing of them.
• Educate Yourself and Stay Informed:
  • Stay informed about the latest cybersecurity threats and best practices for protection.
  • Educate family members and friends about the importance of cybersecurity to create a safer online environment for everyone.

The Future of Identity Theft
Technological advancements will largely define the future of identity theft. Criminals may target biometric data, like fingerprints and facial recognition, for impersonation by hacking databases or creating convincing fakes. As the prevalence of IoTWhat is the IoT?IoT, or Internet of Things, refers to the network of interconnected devices embedded with sensors, software, and other technologies, enabling them to collect and exchange data seamlessly.This… More devices increases, hackers may exploit weaknesses to steal personal data or launch identity theft schemes. Emerging AIWhat is AI? Artificial Intelligence (AI) refers to the simulation of human intelligence processes by computers in an aim to mimic or exceed human cognitive abilities across a range of domains…. More technologies may enhance security but also aid cybercriminals, making identity theft attacks more sophisticated.  As personal information shifts to an entirely digital medium, it will become more difficult to protect.

For more essential cybersecurity definitions, check out our other blogs below: 

21 Essential Cybersecurity Terms You Should Know

40+ Cybersecurity Acronyms & Definitions