Identity theft happens when a person uses your personal identifying information and poses as you to commit fraud or to gain financial benefits, explained Kim Porter of Norton, an anti-virus or anti-malware software product.
Personal identifying information could include your name, address, email, online credentials, social security number, and more. Thieves may sell the information on the dark web or commit identity theft if they have gained access to your information. Identity thieves may also open new credit cards or other lines of credit using your personal information, and make unauthorized purchases with your credit and debit cards. They use your personal data to pass an employment background check or rent an apartment.
Survey Reveals How Vulnerable Consumers Are to Identity Theft
Experian, a multi-national consumer credit reporting company, conducted an online survey involving 1,000 consumers aged 18 and above. The report found that consumers store an average of 3.4 types of personal identifiable information (PII) online. The most common information that consumers make available online were birth dates (76%), phone numbers (73%), credit card information (49%), and partial social security numbers (39%). Other information included bank account numbers (29%), full social security numbers (25%), and driver’s license information (22%).
Many Americans were aware that their online behavior could make them vulnerable to identity theft, but they still engage in risky behaviors such as using a public WiFi connection for online shopping (43%), sharing online account usernames and passwords with others (33%). Other people shared mobile device passwords (29%), shared credit card numbers or associated PINs (25%), and allowed someone to use their personal data to get a job or credit (20%).
The respondents also underestimated the general risks of identity theft and personal exposure. 62% answered that it was a minor concern they worried about sometimes while 17% did not worry about it all. Among those who did not worry about identity theft, 27% said they don’t share PII online, and 12% took security precautions. 9% said having bad credit or little money makes them feel like less of a target of identity theft while 9% said they only use secure websites.
Majority of the respondents felt very or somewhat informed about identity theft, fraud, and how to protect their PII and minimize risks, but 22% said they were not very or not at all informed. However, most respondents had misconceptions about it as 66% believed that the threat of identity theft is reduced over time after PII is stolen.
14% thought risks would just last a few days after information theft, 20% a few months, and 23% a few years. Only 44% knew the risk can last a lifetime. Slightly more than half of the respondents said they had either experienced identity theft or knew someone who had. Of those (22%) who had personally experienced identity theft, most of them reported significant negative effects as undermined effort in sharing information online (27%) and less comfort trusting others (12%). Other negative effects cited by the respondents were obstruction of short-term financial goals (9%) and damage to their credit report and/or credit score (9%).
Meanwhile, some respondents took action to ward off identity thieves, with 75% of them never sharing credit card numbers or associated PINS, 71% never shared their mobile device passwords, and 67% never shared their usernames or passwords for online accounts. 58% always or often use unique passwords for different online accounts and 57% never shopped online when using public WiFi.
How Can Malicious Actors Commit Identity Theft?
Cybercriminals may send emails or texts that appear legitimate and the links in these messages may prompt you to download malware, mining your device for personal information and sending it to a remote computer. Credit card or ARM card skimming occurs when criminals replace card readers with bogus ones or other point-of-sale systems. Sometimes, a small camera is installed to document entries such as ZIP codes and ATM PINs.
Identity thieves may access your personal data through dumpster diving in which these criminals steal mail and piece them together to commit identity theft. By stealing mail, they could gain access to your credit cards, bank details, and more. Further, your personal information could be sold on the dark web once a data breach occurs. There are instances when data breaches expose millions of personal information from users.
How to Protect Yourself Against Identity Theft
You can create unique, strong passwords for each account and device. Passwords should contain at least a dozen letters, numbers, and symbols. You can also create a long passphrase, making it harder for identity thieves to guess it but easier for you to remember. If you think your account has been compromised, change your password. Shred documents such as mail, receipts, and bills before disposing of them as they contain your personal information. Don’t give your personal details in a phone call you did not initiate. Avoid opening or clicking on suspicious links or attachments from unfamiliar sources or from recipients that claim to be from a legitimate organization.
It is also recommended to monitor your monthly credit card or checking accounts regularly, said Consumer Reports Money Adviser, via product reviews and ratings website Consumer Reports. Katrina Baum, acting division director and senior statistician at the National Institute of Justice, noted, “Almost a third of victims told us they became aware of an identity theft when they noticed missing money from an account." The numbers showed identity theft prompts consumers to be more vigilant when checking their financial statements and monitoring their account activity.
Check if your telephone bills have any unauthorized “cramming” charges for fraudulent services and purchases. If you think you have been a victim of identity theft, contact your creditors and financial institutions to report unauthorized charges or debits and request them to close compromised accounts. Don’t let the incident make you sign up for identity theft protection or credit monitoring services so long as they are free. This only happens for a period of time after corporate or government data breaches. Ensure that the breach notice is legitimate and cancel the subscription once the free period expires.
While users can create complex passwords or avoid connecting to a public WiFi when shopping online to reduce their risk of identity theft, they should also remember to shred mail or other documents that bear their personal information. Users can also report identity theft to their local cybersecurity department or financial institutions.