The Different Types of Identity Theft And How They Are Executed
Identity theft is a cybercrime in which the perpetrator uses someone else’s identity to secure benefits, obtain credit, or gain other financial advantages. Criminals use personally identifiable information, such as a social security number, driver’s license information, or credit card number to access an individual’s finances and take over their identity.
Although developments in cybersecurity technology have prevented some cases of identity theft, cybercriminals are becoming more sophisticated, making identity theft more difficult to detect and even more difficult to recover from.
Identity theft is so widespread that, a recent survey by F-Secure revealed, “71% of respondents say they feel that they will become a victim of cybercrime or identity theft”.
Assuming you’re in that 71 percentile, it’s probably time you put your cybercrime anxiety on the backburner while finding out what the different types of identity theft are and what being a victim of identity theft really means.
The Different Types of Identity Theft: Where Could an Identity Thief Access Your Personal Information?
#1 Account Takeover
This is one of the most common identity theft examples and can affect both existing accounts and new ones. Existing account takeovers are usually the result of some other form of cybercrime, such as a malware attack, data breach, or phishing scam.
Where could an identity thief access your personal information to conduct an account takeover? Some identity thieves physically steal the information, either by digging your bank statement out of the garbage or stealing your wallet and gaining access to your credit card information that way.
Others may entice you into handing the information over yourself by sending an email that appears to be from your bank or some other legitimate organization. If you click on a link in such an email, it will usually take you to a fake website that looks exactly like the one you usually log in to. Unfortunately, when you enter your login information on a phishing site, you’re handing that data directly to an identity thief who can then use that to make changes to your credit card or even access your bank accounts.
At the beginning of the year, an account takeover scam was having a field day with YouTube account holders, one of many identity theft examples of this nature. YouTubers were approached by a company supposedly offering payment in exchange for reviews. In reality, they were using sophisticated software to capture each user’s login information, thereby taking over that individual’s YouTube account and channel.
A new account takeover is slightly different in that it is an account that you aren’t aware of but that has been opened in your name. These types of identity theft are difficult to detect because you won’t receive account statements or any other information that might alert you to the incident. In many instances, cybercriminals will apply for a credit card in your name or create an online shopping account that you end up paying for.
Both new and existing account takeovers are common types of identity theft and ones that often target more mature people. According to the identity theft protection service, LifeLock, those over 60 years of age are more susceptible to identity theft than other sectors, with elderly identity theft accounting for around $2.9 billion a year.
#2 Tax Identity Fraud
Few us enjoy filing our taxes but filing your taxes only to find that, apparently, you already did it last week is an indication that you’re a victim of one of these types of identity fraud. Where could an identity thief access your personal information, especially data as sensitive as your tax records?
Many tax identity thieves use phishing to access their victim’s personally identifiable information (PII) but some rely on data breaches.
A recent case in St Louis saw one group of cybercriminals file “over 2000 fraudulent returns” after they breached a payroll company’s database, accessing the tax records of hundreds of Alabama and Mississippi school district employees.
Warning signs that you may be a victim of tax identity fraud include:
- More than one tax return has been filed in your name
- Records indicate that you received wages from an unknown employer
- The IRS informs you owe a refund tax or some other additional charges, or that you have actions against for failing to file a tax return
Tax identity fraud can lead to long delays in refund payments and victims of more complex cases could wait as long as six months for a resolution which is why you must respond timeously should you notice any suspicious IRS activity.
If you suspect you are a victim of tax identity fraud, follow these steps:
- Respond to the IRS notice issued asap
- Fill out the IRS Identity Theft Affidavit form (Form 14039) and submit
- Place a fraud alert with one of the three credit bureaus, Equifax, Experian, or TransUnion.
- Contact your bank and other financial institutions to ensure no other accounts have been tampered with
Tax identity fraud is one of the most common types of identity theft, accounting for 18.6% of all identity theft cases in the US in 2017. As of February last year, the IRS confirmed that it had identified over 3,500 returns which would have cost $15.8 million had they not been detected.
Keeping your social security number private and protecting yourself when filing taxes online by using a VPN and antivirus software are the first steps towards making your tax filing system more secure, although investing in the best identity theft protection services provides the best form of defense.
#3 Employment and Benefits Identity Theft
When someone else uses your social security number to apply for a job, they commit a crime known as employment identity theft. This is one of the most difficult identity theft examples to pick up on as it rarely has any immediate effect on the victim. Unfortunately, employment identity theft can do a lot more long-lasting damage than credit card fraud, for example.
Victims of employment identity theft could find themselves paying taxes on someone else’s income or finding that they’ve applied for employment benefits when, in fact, they’re still working. This happened to a UK citizen, Sean Owen, who says, “The whole experience has ruined my life and career”.
Mr. Owen lost his passport in 1999 and believes this is how the fake Sean Owen got his hands on his PII. “The imposter used real Sean’s National Insurance number to apply for employment support allowance and disability benefits totaling £58,789. The real Mr. Owen only became aware of the problem after undergoing an employment background check for a new position in 2010.”
Applying for jobs or employment benefits are difficult types of identity fraud to detect but one of the best ways is to check your annual Wage and Tax statement thoroughly or request a copy of your Social Security Earnings Statement which is a little more detailed so more able to shed light on any evidence of employment identity theft.
The best way to avoid benefits identity theft, and protect yourself against identity theft, is to register on the Social Security online portal. If someone else impersonates you on the portal, they could redirect social security account notifications so they can reap your benefits without you knowing.
#4 Synthetic Identity Theft
One of the newest and most sophisticated types of identity theft, synthetic identity fraud (SIF) uses a combination of some real information and some fake data to create a whole new identity. Where does an identity thief get personal information of this nature? In most instances, it’s stolen and it’s usually the victim’s social security number that the criminals are after.
Once they’ve secured that, they can make up names, addresses, and other information to create a complete profile of an imaginary person. “Fraudsters then use the fictitious identity to open lines of credit, secure auto loans, or scam government agencies in order to intercept tax returns and benefits pay-outs”.
Those committing synthetic identity theft target individuals that aren’t using their social security numbers regularly, in other words, they prey on homeless people, children, and even those who have recently passed away. This makes their actions harder to detect and, once the fictitious identity is complete, these cybercriminals can apply for credit and almost instantly create a credit history.
Online loan sharks will normally relent and lend a small amount of money which the perpetrator then uses to make small purchases, which are then paid off timeously, thereby boosting their credit rating. Once their credit gets to the desired limit, the offender will max out the cards, taking everything they can, before disappearing.
As more financial and government transactions are done online, so it becomes easier, in some ways, to create a purely digital identity. “It’s easier to impersonate someone online than it is in person, especially if the “person” exists only as a collection of data points”.
Although the US government are looking into new technologies like blockchain to reduce the threat of synthetic identity fraud, at present, financial crimes consultant, Dennis Lormel, says, “We are way behind the curve on SIF”.
Experts recommend that, while the government seeks a more effective solution, in the meantime individuals “need to be more aware of the threat posed by SIF and learn how to protect themselves – by freezing their child’s credit, for example, and regularly reviewing their own credit report for suspicious activity”.
#5 Biometric Identity Theft
Using a fingerprint, face scan, or other unique physical attribute is believed by many to be the answer to identity theft, but it may cause more problems than it solves. After all, you can generate a new password, but you can’t create a new set of fingerprints. Fortunately, it’s extremely difficult to impersonate an individual’s biometrics but, if someone managed to register their biometric while impersonating someone else by using their name and social security number, resolving the issue could be similarly problematic.
Another issue regarding biometric identity theft is the storage of individuals’ biometric data. Companies collecting consumers’ biometric information need to encrypt that data both when it’s in transit and in storage, to prevent it being leaked. Furthermore, with “the advancements in artificial intelligence, hackers could potentially compromise a biometric system”.
Researchers at New York University recently proved it was possible to “use artificial intelligence to match a large number of prints stored in fingerprint databases and could thus theoretically unlock a large number of devices.”
Biometrics might offer a safer alternative to passwords, but it’s by no means infallible. Many fingerprint-based systems, for instance, rely on partial prints as opposed to full ones so an identity thief could confirm their fake identity by recreating just a part of your fingerprint.
Until biometrics identity systems can “verify whether a fingerprint or other biometric is coming from a real person or a replica”, biometrics identity theft will continue.
When the US Customs and Border Protection was hacked last year, the risks of government agencies and private companies storing biometric data became apparent. According to a representative of the American Civil Liberties Union (ACLU), Neema Singh Guliani, “This breach comes just as CBP seeks to expand its massive face recognition apparatus and collection of sensitive information from travelers… [and] further underscores the need to put the brakes on these efforts and for Congress to investigate the agency’s data practices. The best way to avoid breaches of sensitive personal data is not to collect and retain it in the first place.”
Before you set up two-factor identification using your biometric data, do a little research and make sure whoever you’re handing your sensitive data over to has enough security measures in place to guard you against these types of identity theft.
In addition to these five common types of identity theft, other fraudulent activity to look out for includes:
Medical Identity Theft
Where an imposter uses your identity to hack into your health insurance and get medical care in your name. Not only could this leave you with a pile of medical bills, but it could also result in you being given the wrong treatment. With over 38 million healthcare records exposed by data breaches in 2019, this is a serious problem, so keeping a close eye on your healthcare insurance documents and keeping track of your medical appointments and procedures is vital if you are to avoid becoming a victim of medical identity theft.
Criminal Identity Theft
If a criminal manages to get his or her hands on your identity, they could use it to avoid a criminal charge by handing over your name to the police rather than their own. Where could an identity thief access your personal information? With these types of identity theft, the perpetrator has usually stolen a driver’s license or passport and simply swapped the original photograph with one of themselves.
In identity theft examples like these, you could end up with a criminal record that will show up on a pre-employment background check and could negatively impact your career and other parts of your life. To prevent criminal identity theft, keep your social security number, passport, and driver’s license in a safe place and alert authorities immediately should any of them go missing.
Child Identity Theft
While not particularly common, child identity theft often goes unnoticed, making it an attractive option for identity thieves. Parents may check their own credit history regularly, but few think of checking their children’s, which gives cybercriminals the freedom to run up debt in your child’s name or even apply for a loan.
Often, the child’s information is gleaned from a school or doctor’s database and then used to apply for benefits, open accounts, and borrow money and, while it remains less common than some other types of identity theft, “more than one million children were victims of identity fraud in 2017, resulting in total losses of $2.6 billion”.
Oddly, the perpetrators of child identity theft are often people who are close to the victim, like their nanny or a relative, which means the emotional cost of the incident is often more severe than in adult identity theft examples.
Online Shopping Identity Theft
Online shopping identity theft examples include shopping cart viruses as well as online shopping fraud. Where could an identity thief access your personal information? With shopping cart viruses, the perpetrator uses a process known as form jacking during which they insert malicious code into an online store’s website that enables them to steal payment card and personal account details.
Counterfeit sites and phishing attacks are other online shopping identity theft examples and, while the best antivirus software can protect you against many of these, and warn you about shopping cart viruses, but you also find out more about staying safe online by reading our top 5 cybersecurity tips for 2020.
Internet of Things Identity Theft
As we make our homes smarter, so we expose ourselves to other types of identity theft. An identity thief needs data to commit their crimes and connected devices have that in spades. Perpetrators of IoT identity theft target smart devices like fitness trackers and smart TVs from which they can glean PII including your date of birth, address, health history, and credit card information.
Some smart TVs also automatically contact third-parties, like Amazon or Google, “Allowing them to log data profiles on customers”. Even using a VPN “had minimal impact” on these notifications, leaving VPN users as vulnerable to an IoT identity theft attack as anyone else.
At present, experts say there are few solutions other than “not to bring these devices into your home”.
How to Prevent Different Types of Identity Theft
While IoT identity theft may not have a viable solution at present, the best identity theft protection services are giving users one way of boosting their security and preventing all types of identity theft. ID protection apps, like Identity Guard, can help prevent identity theft by constantly monitoring millions of different bits of information that form your digital identity.
By incorporating IBM Watson’s artificial intelligence technology into its ID protection software, Identity Guard digs deeper into the Dark Web than most other ID protection apps, meaning it can detect threats more easily and give you more comprehensive protection.
ID protection services will alert both the account holder and credit bureaus in the event of any suspicious activity, while also ensuring their clients against identity theft and offering recovery support to those who do fall victim to this type of attack.
Identity Guard isn’t free but with subscriptions starting at $7.50, it’s a lot cheaper than shelling out $683 to an identity fraudster, which is the average cost of identity theft in the US at present.
Identity Theft Predictions for 2020
As technology becomes increasingly sophisticated, so do online crimes like identity theft, and cybersecurity experts are predicting an upsurge in the use of Deep Fake technology to defeat facial recognition controls and steal identities. Meanwhile, others are anticipating a substantial increase in synthetic identity theft, with losses “projected to climb to $1.25 billion” this year.
As the threat of all types of identity theft looks set to increase in the new decade, so legal experts are hoping to introduce new laws to deal with some aspects of identity theft. In both South Carolina and the State of New Jersey, moves are being made to force the New Jersey Motor Vehicle Commission other similar organizations to compare its records with the Social Security Administr5eaqion’s death records to ensure licenses aren’t being issued to the deceased.
Other trends include the rolling out of artificial intelligence technology to combat all types of identity theft, including those that use lasers to hack into smart speakers and steal your voice which they can then use in voice-recognition software to steal other aspects of your identity as well as your money.
Identity theft may have eased off between 2017 and 2018, but the cost of such attacks is rising, and the types of identity theft scams are becoming increasingly sophisticated. There are a variety of identity theft examples that you need to look out for, with the most prevalent being account takeovers. According to the 2019 Identity Fraud Study released by Javelin Strategy and Research, the cost of new account identity theft increased from $3 billion in 2017 to $3.3 billion in 2018 while incidents of smartphone account takeovers grew from 380 thousand to 679.
Although some cybersecurity tools, like VPNs for example, can substantially increase data protection and reduce the risk of identity theft, “75% of consumers fail to use a VPN to protect their Wi-Fi connections”.
The cherry on top in terms of identity theft protection is to use a piece of software that monitors your personal information constantly and alerts you the moment it appears to have been compromised. Identity Guard provides a high standard of protection against all types of identity theft and uses artificial intelligence to anticipate other cybercrimes, such as cyberbullying.
Keep tabs on your personal information or, better still, let Identity Guard keep tabs on it for you, and reduce your vulnerability to identity theft attacks. As we embrace the new decade, make sure you remember Mrs. Incredible’s wise words of warning: “Your identity is your most valuable possession. Protect it”.