Identity fraud is the use of false identifiers (false or fraudulent documents) or a stolen identity (identity theft) to commit a crime. It often begins with a “breeder document,” such as a driver’s license or birth certificate, which criminals obtain or create using stolen or fabricated identification data such as date of birth and government identity numbers (such as passport number or social security number).
This breeder document is then used to create other documents to enable the creation of a credible identity, providing a criminal with an identity they can use to get credit cards, set up bank accounts, access information, apply for mortgages, make purchases and much more. They can use this identity to commit criminal activity, such as human smuggling, human trafficking, money muling, drug trafficking, cybercrime, terrorism and more.
Identity Fraud Vs. Identity Theft
Identity fraud encompasses identity theft: identity theft is the theft of personal or financial information and identity fraud is the use of that stolen information.
Who Do Cybercriminals Target?
In the U.K., identity fraud hit an all-time high in 2022, with cases increasing by a quarter that year. Over 277,000 cases of identity fraud were recorded in 2022, which is the highest number of cases ever recorded. Most victims of identity theft are over 31 years of age and statistics also show that there has been a significant rise in victims over 61 years of age.
Although older adults are the most common target of identity theft, people of all ages can become victims, including children. Children’s details, such as their name and government-issued identification such as social security number, are attractive to cybercriminals because the crime has more potential to go undetected for a longer period, for example until the child is old enough to apply for their first loan or credit card. Research suggests that one million children in the United States were the victim of identity theft in 2017.
The Crime of Carelessness
Criminals also use identity theft as a cog in the machine of cybercrime, for example stealing the credentials of an individual and using them to gain access to their company or personal accounts, going on to steal further information, steal funds or infect the system with malicious software. Criminals use identity fraud for all sorts of purposes, including purchasing goods, getting credit cards, opening accounts such as phone accounts, taking out loans, carrying out tax fraud, applying for government benefits and loans and more.
“I didn’t pay enough attention to how I managed sensitive information or stayed alert when asked for personal documents.”
Criminals can use personal and financial data that they steal to carry out more crime under a false name and with false details, as in Estok’s case with a criminal in China using her details to smuggle women into the United States. Criminals use the data of identity theft victims in many crimes, for example using stolen credit card data to set up scam sites with the victim’s information.
This makes it harder for law enforcement to identify the true perpetrators, with the digital finger pointing at the identity theft victim. This is one reason why it is so important to be alert to the signs of identity theft and report it to the authorities. I asked Sandra Estok if she knows how her identity was stolen, and this is what she shared.
“In hindsight, I was unaware. I didn’t pay enough attention to how I managed sensitive information or stayed alert when asked for personal documents. I would casually provide my passport, credit card, etc. without considering the implications. I entered data on questionable websites and freely handed over identification when requested without thinking twice. It pains me, but this lack of mindfulness left me susceptible to theft.”
We can all be distracted, trying to multitask through our busy days, which can be a factor in oversharing or being socially engineered.
How Can You Avoid Identity Theft?
As a victim of identity theft who has now become an award-winning author, podcast host and international keynote speaker on the topic of cyber security, I asked Estok what advice she has to be more secure online.
“There are three fundamental choices to be more secure online. First, be intentional in everything you do. Act on purpose, whether sharing and connecting with your friends online, sharing personal information and more. Second, be aware. Cultivate cyber knowledge and integrate it with every aspect of your life, and notice what happens to you physically, mentally and spiritually. Cyber knowledge helps you regain your power and make the changes you need so you will be in charge of your cyber safety.
And lastly, be mindful. Be fully present in all you do whether online or offline. Pay attention to your surroundings because when we are more present, we make better decisions. A simple way to be mindful is to pause and breathe before your next click.”
This focus on mindset is so important, because cybercriminals continuously evolve their tactics to evade our defenses. Criminals have adapted to new measures by moving beyond phishing emails to phishing messages, phone calls, and phishing over social media and QR codes.
We also see this with the use of deepfake technology in social engineering. Having strong situational awareness and being mindful with our approach to technology and information helps us take a more strategic approach.
5 Ways to Protect Yourself from Cybercrime
With this mindset, there are practical steps we can all take. First, reflecting on the statistic that it takes the average victim seven months to know their identity has been stolen, it is important to be aware of the signs of identity theft. These include being alert to unexpected activity with financial services, such as transactions on bank statements that you do not recognize, unforeseen issues with credit or receiving unexpected bills.
Look out for issues with paperwork, too. If you receive notice that you unexpectedly owe tax or have apparently filed multiple tax returns, these would be red flags, as would any unanticipated changes to your personal information, such as your address, on accounts.
Being aware of the signs of identity theft, such as those listed above, is important so that we can spot if something untoward is taking place. There are also proactive steps we can take to minimize the dangers of being a victim of identity theft.
- Protect electronic information by using strong PINs or passcodes on devices and using strong passwords and two-factor authentication on all online accounts; install updates on devices as soon as they become available and wipe electronic devices before selling or disposing of them.
- Protect hard copies of data by keeping all important documents in a safe place and running it through a cross-shredder before disposing of it.
- Be alert to social engineering and be mindful of information you share online, for example on social media.
- Regularly review your bank statements, credit card bills and credit score for anything unusual and consider credit monitoring and freezing, if this is available to you.
- Report lost or stolen items immediately, such as your government ID, passport, wallet and devices, as the information they contain could be used to steal your identity. If you think you may have been a victim of identity theft, contact law enforcement, credit agencies and your bank, keeping a record of who you communicate with and tracking names, dates and information exchanged as much as possible.
This edited extract from Hacked by Jessica Barker is ©2024 and reproduced with permission from Kogan Page Ltd.