By spotting these early warning signs of identity theft, you can minimize the impact on you and your family
We’re all spending more of our time online. Last year, US adults spent one hour more per day on digital activities across all of their devices than they did in 2019. By the end of 2022, we may be spending more than eight hours in the digital world each day. An unfortunate consequence of this behavioral change is that we’re sharing more of our personal data and login credentials with the companies we do business with than ever before. And cybercriminals, in turn, are stealing that data from these organizations, as well as directly from us.
In the US this year, by the third quarter there had already been nearly 1,300 publicly reported breaches of this kind in 2021, more than for the whole of 2020. Hundreds of millions of victims were put at risk of identity theft as a result. So how do you know if you’ve been affected by one of these incidents? By spotting the early warning signs, there are ways to minimize the impact on you and your family.
The cybercrime economy is worth trillions of dollars annually today. There are many constituent parts and participants. The criminals who breached data from an organization in the first place are unlikely to be the same ones who attempt follow-on identity fraud, for example. Typically, the stolen data is sold on specialized dark web forums. Then it is bought en masse and tested by identity fraudsters. They may sell the pre-tested data onwards again, or use it themselves.
Depending on the type of identity data, it could be used to:
Given the large number of possible identity theft scenarios, it pays to stay alert. Of course, the biggest warning sign that your identity data could be in danger is if you receive a breach notification letter. It goes without saying that you should read it carefully to understand the possible implications. Other tell-tale signs include:
Even small discrepancies can sometimes indicate fraud, as scammers often check the validity of stolen cards with innocuous-seeming purchases before ramping up their activity. If something doesn’t look right, put a freeze on the card/account. This can often be done via your mobile banking app. Then immediately contact your banking/card provider.
If attackers get hold of your log-ins, the first thing they’ll do is change the password in order to lock you out. Alternatively, if they’ve managed to trick your mobile operator, they will get them to port your number to a device under their control. This is known as SIM swapping and is particularly dangerous as it means they’ll be able to intercept any one-time SMS passcodes often used by banks to validate your identity.
Another common strategy is to use stolen Social Security numbers and other personal details to file personal taxes early, impersonating the victim. The hacker is then able to fraudulently claim any tax refunds due. If you find you’re unable to file your taxes, this could be the reason.
If you get a medical bill for services you never received, or try to submit a claim but it’s rejected because you’ve already reached the limit pre-assigned by your provider, identity thieves could be to blame. Especially in countries with private healthcare systems, such scams can be highly lucrative.
If an identity thief has racked up a huge credit card bill or similar debt in your name and then vanished, it’s only a matter of time before the lender asks a collection agency to investigate.
What to consider if your identity has been stolen
The first step is not to panic. Inform your bank/card provider/insurer immediately, and report any suspected crime to the authorities. In the US, report an incident and receive a recovery plan at: IdentityTheft.gov. See below for authorities in other countries:
UK: CIFAS and Action Fraud.
Canada: Canadian Anti-Fraud Centre
New Zealand: Contact the police or one of these specialist organizations.
Australia: ReportCyber
There’s only so much you can do to prevent breaches if they’re targeted at the organizations you do business with. But there are some preventative steps you can also take in case fraudsters try to target you directly. Consider the following:
We’re all likely to experience some form of identity theft in our lifetime. The key is to do as much as possible to minimize the chances of it happening. And to stay alert, so that when the bad guys do get hold of your data, you can shut down any scams ASAP.