Well, have you ever heard the saying, “everyone’s a somebody to someone”?

That’s especially true when it comes to Identity Theft. Even if you think your life is boring, your identity could be the missing piece of the puzzle that a thief needs to commit a heist – or at least buy a fancy new TV on your dime.

“Identity Theft is the new crime of the information age. A criminal collects enough personal data on someone to impersonate a victim to banks, credit card companies, and other financial institutions,” wrote cybersecurity researcher Bruce Schneier.

Identity theft can happen in the simplest of ways, noted a US government advisory. All a thief needs is enough personal information to impersonate you.

This could be as simple as your name, date of birth, and Social Security number. With just those pieces of information, a thief could open credit accounts, take out loans, or commit other fraudulent activities in your name.

Identity theft: What’s the need?

Criminals often need a fraudulent garb under which they may hide their true identity. They may also need it to appear legitimate and pass security checks at various avenues and outlets.

The motive behind identity theft can be financial, state-sponsored spying, or tricking users into giving personal details the scammer needs for other frauds.

Having a clean slate without any criminal records adds a perk to stolen credentials as cyber criminals use it to cover their identity using the stolen data.

A fraudster usually steals personally identifiable information from the victim usually via a phishing email, hacking their systems, or hacking the Internet of Things (IoT) devices like a smartwatch.

From stealing data using social media accounts or actually breaking in to steal documents physically, criminals use a wide range of options to get data for identity theft.

What are the different types of identity theft?

Tax ID theft, medical ID theft, and unemployment ID theft are some of the common types of identity theft.

Availing benefits of schemes or services, such as unemployment benefits, can be done using stolen data that matches the description of someone eligible for it.

Scammers may exploit identity theft to file tax returns, avail medical benefits in the form of Mediclaim, claim various insurance, and withdraw money from banks using the account holder’s details.

“Governmental identity theft occurs when someone fraudulently shares your personal information with the government. One example is tax-related identity theft,” notes a report by Norton Lifelock.

Moreover, identity theft can be exploited for serious crimes by using someone else’s photo and details to create duplicate passports, or official documents, to get admission into security or defense for cyber espionage.

Identifying identity theft

Pay attention, and we can easily spot some signs of identity theft, said a McAfee report. A sudden decrease in credit scores, receiving letters at home in someone else’s name, bills of services not opted for, etc. are all clear warning signs.

On the other hand, when legitimate users apply for the same benefits, they may be denied access due to duplication since the system may display that they have already availed the services. Such fraud must be reported at the slightest of signs to prevent the further misuse of one’s data.

It is imperative to safeguard one’s data and discard sensitive documents appropriately. Deleting online accounts and sensitive data available publicly or shared with third-party is also necessary.

How to prevent identity theft?

Preventing identity theft requires diligently withholding Personal Identifiable Information (PII) and Protected Health Information (PHI), among others.

Steps to prevent identity theft:

1. Securing the documents including tax and financial statements containing the Social Security Number (SSN) by neither always carrying it in the bag or wallet nor handing it over to unauthorized officials.
2. Being vigilant while sharing birthdate, login data, name, address, bank data, crypto wallet information, and health information over emails, calls, SMS, or other such media. Often scammers create urgent-sounding communications asking to ‘update’ data with a sentence including ‘or else’ to create fear. Always call, email, or visit the company office to discuss personal information. It is essential to check and confirm before reacting.
3. Enabling OTP, two-factor, or multi-factor authentication for logging into any account is good practice to hinder scammers from getting access to accounts.
4. Using a Virtual Private Network (VPN) can help in preventing unauthorized access to one’s data while using public Wi-Fi networks.
5. One of the most important aspects of cyber hygiene is to update all the applications and software as and when they are made available. Avoiding vulnerability exploitation and unauthorized access are only a patch update away.
6. Reviewing account logins, login time, login devices, and addresses, if available, and checking credit reports is helpful in monitoring changes that could help prevent a larger cyberattack or loss.
7. Creating difficult passwords and keeping virus detection active all throughout can also go a long way in protecting against identity theft and creating a barrier for hackers.

How to recover from identity theft?

After the damage is done, certain stringent steps can be taken to stop further attacks and to increase protection from future identity theft.

Scammers may keep the credentials of victims even after exploiting them to the fullest. Schemes, offers, benefits, and services are ongoing or periodically renewed, which means identity records can be reused.

Freezing one’s credit or setting up a fraud alert is essential to prevent further financial losses.

Changing login credentials from every account, regardless of them being accessed by hackers, is recommended because not having any illicit activity on the account may not guarantee it may not happen in the future.

Upon receiving any SMS, email, call, letter, etc., about transactions or activities that one has not initiated, it must be carefully checked and reported without delay.

How to report identity theft?

If you believe that you have been a victim of identity theft, it is important to take immediate action to protect yourself and minimize the damage that may have been caused. The process may differ based region, but there are some common steps that must be followed:

Contact your bank or credit card company to report the fraud and request that they freeze your accounts or issue you new account numbers.

Contact any other financial institutions where you have accounts or operations, including loan providers and investment companies.

Contact the local police department and file a report. Be sure to keep a copy of the report for your records.

Contact your telecom service provider, particularly when your phone SIM or the internet service ID have been cloned.

Keep a record of all your communications and transactions related to the identity theft, including copies of letters, emails, and receipts.