Identify theft: what is it and what can you do to protect yourself

Identity theft is a fancy word to describe impersonation. The theft occurs when someone is able to get hold of sufficient information about you to allow them, in effect, to become you or impersonate you. This can happen both online and off the internet. We’re going to focus on online ID theft risks and ways of managing those risks here, as it is the preferred method for criminals, given the vast amounts of personal information that is floating around on internet platforms.

There are several reasons why people may want to assume somebody else’s identity. Here’s a few.

  • For financial gain
  • For personal gain
  • To commit a crime
  • To defraud you of your assets

financial gain

This one is easy to understand. Put yourself in the ID thief’s shoes for a minute. If you wanted to apply for a credit card or better still, a store card, you can use the stolen identity along with the stolen date of birth, address details and full name and telephone number on the application to order a new card and get it delivered to a different address or a PO box address.

In the case of a store card, you are in most cases, given a temporary card that you can immediately start using to make purchases without having to wait for the proper card. The ID thief obviously has no intention of paying back any of this money that is spent on the card in your name or your children’s name. It’s usually too late before you find out about the financial fraud being committed.

For Personal Gain

In the same vein, the ID thief could order a whole host of things other than a credit card. For example, they could easily order a mobile phone contract in your name along with all the bells and whistles with a quarterly billing cycle. They can have the SIM card and the mobile device delivered to a different address to yours and fully consume the service for months.

By the time you find out about it, most likely as a result of having received a bill from the mobile operator, it’s too late. Or they could equally get a car loan with 0% deposit in your name or your child’s name and drive away with a brand-new car and you will be none the wiser until you get a bill in the next quarter.

Even riskier are those that pay the bills on time and continue to use their ill-gotten goods such as a car or mobile phone contract on somebody else’s name for years without raising any alarms. The only way you are going to find out about it is if you make an application for a loan or apply for a new bank account or a new credit card or any other service that relies on a credit check to determine your creditworthiness.

To Commit A Crime

Financial fraud, believe it or not, is not the scariest thing or the most serious thing about identity theft. It is the possibility that someone might commit a crime using your, or your children’s identity. Criminals used to assume false and made-up identities but the simplicity with which identities can now be stolen online is changing all this. Criminals much prefer to use a real identity, one that is not associated with them personally.

To Defraud You Of Your Assets (Or Your Children’s Assets):

We’re not talking about tangible assets here but those that are almost invisible but are assets nonetheless. For example, your tax file and history with the HMRC, your driving license history and your driving record, or your PIN numbers. Think about the scenarios that could play out if the imposter were to get hold of your details to pick up a job using your tax ID (for example, your national insurance number).

They’ll happily collect their pay check and leave you to sort out the tax liability. The asset that gets damaged in this case is your record with the HMRC. Equally, if the ID thief were to contact your institutions using your details (for example, your college, your bank, your employer, your online service providers) to report a loss of your PIN numbers or feign forgetfulness and request a new set of PIN numbers or request a reset of your passwords, imagine what they could get their hands on.

Or imagine if the ID thief were successful in applying for a student loan in your children’s name and got their hands on the maintenance part of the loan, which is there to help cover living costs, such as accommodation, food, and so on. The maximum maintenance loan students can get this year (2019/20) is £8,944, and that figure is big enough to entice a criminal who can leverage identify theft to get their hands on that money before your children do.

what you should avoid doing online

  • Avoid: Knee jerk reactions to emails or ads that promise something for nothing (Greed)
  • Avoid: Knee jerk reactions to emails or ads that are designed to scare you (Fear)
  • Avoid: Connecting to unsecure and unknown networks – both wired and wifi
  • Avoid: Giving away the 3 key pieces of information required for identity theft in any one transaction (your full name, your date of birth, and your full address), especially if they are surveys
  • Avoid: Using your biometric data, such as your fingerprints or your facial map, to login to online services, unless absolutely necessary
  • Avoid: Using password reminders that make it easy to guess your password
  • Avoid: The prioritisation of convenience over privacy and data security
    Avoid: Giving away your personally identifiable information and sensitive information, unless absolutely necessary

Why do identity thefts happen online

Here’s a few reasons why identity thefts happen online

Don’t respond to that survey which promises to give away a free holiday or a free car

You might wonder why innocent sounding surveys do start off with easy questions about the product or service and then move into questions such as your income range, education level and marital status. What’s that got to do with the product or service? The answer may be the harvesting and widespread processing of Personal Data. Not just any personal data but one that can be sold and resold on the internet.

If you do want to indulge in surveys despite the risks, ensure that you are not inadvertently giving away the three key pieces of information that could facilitate identity theft – your full name, your full address and your date of birth.

Fear is a popular lever for ID thieves wanting to steal personal and financial data. We all react immediately, and often without thinking through the consequences, when we feel anxious, worried or under pressure and ID thieves love to put you under pressure.

For example:

Your email account is hacked, give us your money and we’ll restore it*

*This is commonly known as phishing.

Oxford English dictionary’s definition of phishing:

Phishing: the activity of tricking people by getting them to give their identity, bank account numbers, etc. over the Internet or by email, and then using these to steal money from them.

Would you like to save your password for this site?

Seeking convenience is also a factor in facilitating identity theft. We all have multiple devices and multiple accounts, and as a consequence multiple user IDs and passwords. One of the outcomes of this proliferation has been the development of online password managers (websites that save your login details and promise to free you from the hassle of having to remember hundreds of passwords).

Would you like to sign in with your fingerprint next time? Or how about facial recognition?

Biometric data is one of the most sensitive types of data when it comes to your privacy. You always have the option of resetting or recreating your passwords in case of a security breach but if you lose your biometric data, your options around getting a different set of fingerprints and irises are quite limited.

what can you do to protect your identity online

  • Keep an eye on your credit report, and regularly check your credit report for any surprises or unexpected entries
  • Enable Two Factor Authentication and strong passwords for all supported apps, websites and online services that rely on your personal data
  • Keep your devices updated, and use well known anti-virus, firewall, VPN software to protect your devices
  • Use up-to-date and secure browsers, such as Firefox for example
  • Only connect to safe, known networks – both wired and wifi
  • Always ask why an organisation wants your personal and sensitive data (such as your date of birth, your tax ID, your national insurance number) before deciding whether to share it
  • Always use encryption where possible
  • Opt-out of surveys and marketing lists
  • Read privacy policies

If you’ve been scammed, defrauded, or experienced cyber crime, report it to Action Fraud, the UK’s national reporting centre for fraud and cyber crime.

©ParentSecure 2021