Identity theft has been around for hundreds of years - probably much longer than historical records show - and the expansion of technology has only made things worse.
The Internet, data breaches and your ever-growing digital footprint enable cyber-criminals and scammers to carry out digital identity fraud at scale.
We are here to help you gear up with essential information to fight against online identity theft. Keep reading for clear, actionable tips from Bitdefender cybersecurity experts.
Any digital identity theft definition includes a malicious actor that illegally acquires personal information (date of birth, social security number, credit card details etc.) and uses it for identity fraud (cloning credit cards, applying for loans, extorting the victim etc.).
Online, identity theft works largely as it does offline, with a remarkable difference. The massive volume of information attackers can find about you on the Internet and its level of detail makes their “job” much easier and significantly more lucrative.
Depending on the type of data involved, there are various kinds of identity theft cyber-criminals engage in:
Because your digital footprint extends far beyond its visible parts, it is difficult to notice when cyber-criminals profile your online persona and use it for malicious gain.
Here are the signs that indicate that fraudulent activity involves your personally identifiable information:
“Warning signs include getting bills for services that you didn’t commission. You may find online accounts for services you’ve never used - so somebody might be using your identity to create accounts for platforms or services they want to use.
Maybe the IRS notifies you that more than one tax return was filed in your name - which is a felony - and you may end up with legal charges.
You may sometimes even be notified that some information has been compromised in a data breach at a company where you have an account with - and that’s usually one of the signs that your personal data is exposed online.”
Liviu Arsene (Senior E-threat Analyst, Bitdefender)
Other red flags include strange transactions on your bank statement, collection agents contacting you to settle debt you have never taken on and medical bills for services you did not receive.
The sooner you identify an anomaly in your online and offline ecosystem of data, products and services, the faster you can act to reduce its impact.
Online identity theft examples range from fake social media accounts to child identity theft, with consequences ranging from short-lived effects to long-term impact.
The financial damages include:
Emotional impact is also part of the consequences of identity theft. Losing control over your data can be very upsetting.
While there are things you can do to keep safe, some elements will always be outside your control. Take data breaches and their role, for example:
“Most data breaches fuel digital identity theft and it’s not people’s fault. Some scammers are very convincing and could have fooled even the best-trained eye.
We’re interacting with the internet at a pace that we’ve never done before and this increases the chances of us becoming a victim.
Even the most security-aware people might disclose information sometimes. Other times, technology discloses that information for us: missed privacy settings, carriers that get breached and expose phone numbers and other personal information.
Reporting these incidents should be business as usual. It’s like having your car hit in the parking lot. It’s not necessarily your fault and it’s part of being online.”
Bogdan Botezatu (Director of Threat Research and Reporting, Bitdefender)
The tactics cyber-criminals use to steal people’s online identities are almost unlimited. Here is a list of digital identity theft tactics to watch out for:
“Imagine a phishing email that speaks your language.
It knows exactly that you have been interested in buying a new car and the exact type of car you want. The attackers know the amount of money you’re willing to spend, they know your zip code and can even try to give you a deal that is so good you can’t resist opening the attachment or clicking on the link.
That’s really all they need: to get you to do that specific action they need.”
Liviu Arsene (Senior E-threat Analyst, Bitdefender)
“Besides credential stuffing, there's also the case of having a malware infection that compromises your device.
Attackers will often try to plant threats designed to collect everything you type. That means every social network account, every password, everything you type into your keyboard can potentially reach the attackers and be used to compromise all of your accounts.”
Liviu Arsene (Senior E-threat Analyst, Bitdefender)
“Other examples may even involve getting the victim to disclose additional information.
If they impersonate a financial officer, then attackers call their victim and ask for additional details about the particular person they’re targeting. So identity theft can be used to further additional identity theft attacks.”
Liviu Arsene (Senior E-threat Analyst, Bitdefender)
“Cyber-criminals now gather information from websites that collect very little information up to websites that have our food ordering history. They stitch them together to create a very, very accurate mirror of what you are online.
Plus, anything is up for sale.
The most important information is the one which cannot be easily changed. Even if you can change your username or password, you cannot do the same with a social security number, your date of birth or your name. Those just stick with you for the rest of your life.
Health records are also becoming very important. This information can tell a lot about who you are, the services you are about to contract, the kind of goods on the internet you’re likely to purchase and so on. So, health records are becoming one of the most financially viable assets a cyber-criminal can collect about you.”
Bogdan Botezatu (Director of Threat Research and Reporting, Bitdefender)
Once cyber-criminals get a hold of your information, you can’t take it back.
This is especially true for non-perishable information such as your birth date, your parents’ names, your social security number, and other details that stay the same throughout your entire life.
“The thing about identity theft is it can have a very lasting effect. You cannot control the amount of damage it produces. However, you can mitigate it.
Many people do not realize their identity has been exposed until friends contact them, telling them they have been approached by scammers, which often happens with social network account hijacks or takeovers.
Sometimes, people realize their identity has been abused when they apply for a loan for a new home or a new car and realize their credit score has plummeted.”
Bogdan Botezatu (Director of Threat Research and Reporting, Bitdefender)
Once malicious actors have your data, it goes on to live in their systems and criminal infrastructure. They trade it on the Dark Web, so it gets multiplied. It also gets assembled with other details from subsequent attacks or data leaks in a never-ending, unpredictable cycle.
While there are many elements outside your control, there is also a lot you can do to keep tabs on your digital footprint and ensure you take essential steps to protect your online privacy.
Knowing what to do when you spot the signs of online identity fraud helps you act quickly to limit the damage.
Some of the immediate steps to take include:
To get more details, try this US federal government website dedicated to identity theft where you can notify the authorities and get a recovery plan.
Whether you want to learn how to prevent digital identity theft, to improve your online privacy or enhance your security on the Internet, the same golden principles apply.
Every time you use a stronger password, every time you ask yourself “why am I getting this request?”, every time you think twice about posting a picture of your home, you make it a bit more difficult for cyber-criminals to steal your digital identity.
If you think about it, that kind of makes you your own superhero. You are certainly ours for taking the time to read - and hopefully apply - this guide!
tags
Choose what the experts use. Award-winning cybersecurity you can trust and rely on.
View all posts