Scammers have outpaced cybersecurity expert predictions since 2019, and there seems to be no end in sight, especially in identity theft which affects as many as 1 in 10 Americans annually.
Most identity theft cases stem from phishing attacks, ransomware attacks, and supply chain attacks.
In phishing attacks, fraudsters impersonate real individuals or businesses and send texts or emails containing links to fake websites. There, fraudsters prompt an unsuspecting victim to provide their personal information, including name, address, credit card details, or bank account details.
Other times, scammers impersonating the employees of a legitimate company call unsuspecting victims and steer the conversation to con the victim into revealing personal data. 1 in 3 Americans received such scam calls in the past year alone. Many of the persons who have been targeted also report receiving as many as three phishing texts requesting them to complete a survey where they would have to provide personal information.
Scammers also use VoIP technology to conceal their identity or spoof their numbers to make the Caller ID appear legitimate. Call blocking helps protect victims from scammers who spoof their numbers. Listing one’s number on the national do not call registry can also prevent unsolicited calls, but this measure only bars legitimate telemarketers from reaching out.
Likewise, software packages scan emails containing phishing links, and security experts recommend installing a trusted package for increased web security. Notwithstanding using software, recipients of unsolicited phishing texts or emails must take care not to click suspicious links. Also, they must watch out for websites that prompt them to provide sensitive information. An effective way to confirm that a website is secure is if the website uses HTTPS encryption. So, if the URL starts with “https,” it should be safe to provide one’s card details when performing an online transaction.
Also, consider using trusted VPN providers to conceal one’s identity when browsing online, especially on public Wi-Fi. A VPN encrypts data, hides the information, online activity, and communications by scrambling the IP address – the unique identifier for anyone’s personal computer. This way, everything that anyone does online is safe from prying eyes.
Besides phishing texts, emails, and calls, there are other elaborate ways that fraudsters steal a person’s identity. Tech-savvy scammers can exploit security vulnerabilities in a computer’s operating system and steal sensitive information. Most organizations alert their customers to a security breach as soon as possible. For example, Microsoft recently announced a security alert and advised users to update their OS to prevent hackers from accessing their personal computers remotely.
Yet, remotely accessing a user’s personal computer is not the only way fraudsters steal a person’s identity. Another common way is shoulder surfing in public places like at the ATM, bus, or park, where someone can look over the user’s shoulder with the intent to steal their personal information. Security experts recommend covering the screen when entering personal data in a public place.
Even when protecting one’s screen when inputting sensitive information, an identity thief could have replaced the device or platform such as an existing ATM or credit card reader. The thief can read their victim’s credit card numbers and card PIN this way, so watch out for a card reader or ATM different from regular ATMs or card readers. The best way to prevent this is to confirm that it is a legitimate machine with the device owner or use alternative payment methods.
Sometimes, identity thieves impersonate service providers or employers through the phone to obtain personal information, e.g., credit reports, or answers to security questions. Scammers use credit reports to search for credit cards or accounts that aren’t frequently used. They can also request a new card in their victim’s name and have the creditor mail it to them. Armed with a card in their victim’s name, identity thieves quickly rack up charges before disposing of the card.
If there are suspicions that a scammer has obtained credit reports, victims may place a free security freeze on their credit report immediately. Financial experts also advise that dormant credit cards and financial accounts are closed for better security.
Yet another method of identity theft is when scammers rummage through trash for discarded utility bills, bank statements, or credit card information. Some identity thieves also steal these sensitive documents directly from their victim’s mailbox. So, consider shredding the financial documents and using a post office mailbox and have new mails containing sensitive documents delivered there rather than to personal home addresses.
The Federal Trade Commission (FTC), the Internal Revenue Service (IRS), and the Department of Justice (DOJ) provide additional information on keeping one’s identity safe.
Meanwhile, persons who have been victims of identity theft must take action immediately. First, create an identity theft report with the Federal Trade Commission. This report is the first step to recovering one’s identity, and the victim must do it as soon as they notice they have been a victim of identity theft. The FTC will create a recovery plan based on the information they’ve provided in the online report.
Next, activate an extended fraud alert, which requires a business to verify one’s identity before it issues new credit. This alert is free, but it is only available to victims who have created an identity theft report with the FTC. When a fraud alert is activated, the victim must also prepare a list of fraudulent activity linked to the identity theft and forward it to the three credit bureaus, i.e., Equifax, Experian, and TransUnion.
Following that, a police report should be filed for a fraud affidavit. Creditors or the Federal Trade Commission will supply the necessary forms. Submit these documents to creditors’ fraud department, which will then conduct an investigation.
Following the investigation, the victim will need to restore their credit rating. So, they will have to get letters from their creditors certifying that identity theft has been detected and also that they have expunged the history of fraud on the victim’s account. Also, the victim will have to request that their creditors send the same letters to all three credit reporting bureaus and keep a copy for themselves.
As identity thieves become more sophisticated and aggressive, such identity theft incidents can be avoided by using protective measures. While many of these measures require a small fee, the cost is nominal compared to the cost of being a victim. And if someone steals one’s identity, there are steps that the victim can take and resources they can use to get their life back on track.