What Is Identity Theft?
Identity theft, also known as identity fraud. It is a crime in which an imposter obtains key pieces of personally identifiable information. Such as Social Security or driver’s license numbers, in order to impersonate someone else.
The information can be used to obtain credit, merchandise and services in the name of the victim, or to provide the thief with false credentials. In addition to running up debt, in rare cases, an imposter might provide false identification to police, creating a criminal record or leaving outstanding arrest warrants for the person whose identity has been stolen.
How Is Your Identity Stolen?
Your identity and personal information is always at risk and can be stolen long before you realize you’re a victim. In most cases of identity theft, you don’t find out you are a victim until you review your credit card statement or receive notices in the mail about new accounts you didn’t open, charges you didn’t make, or until you’re contacted by a debt collector.
There are a lot of signs of identity theft to look out for. Here is a list of the 10 most common ways your identity may be stolen:
- Data Breaches
- Internet Hacking
- Dark Web Marketplaces
- Malware Activity
- Credit Card Theft
- Mail Theft
- Phishing and Spam Attacks
- WiFi Hacking
- Mobile Phone Theft
- ATM Skimmers
Information Are Used for Identity Theft
We tell you regularly to make sure you protect your data. But it’s not always clear exactly how you should do that. You know that personally identifiable information should be protected, but what, exactly, qualifies as that? And which pieces are valuable? These 10 pieces of information are the ones that thieves are looking for, and that you should protect most zealously.
1. Date and Place of Birth
Like your social security number, your date of birth is used in a variety of ways to confirm your identity. It’s often used as a secondary confirmation measure by online accounts if you need to reset your password. And it’s on most official forms that you’ll fill out, from governmental paperwork to financial accounts.
Unfortunately, most of us have a tendency to plaster our dates of birth all over the Internet by attaching them to our social media and loyalty accounts. Automated “Happy Birthday” posts don’t always include the year. But even having the month and day is a big step toward getting the information an identity thief would need.
Your place of birth is also used as a secondary confirmation measure by a number of online providers and could be used to reset your password or grant a thief access to your account. So should also be protected.
2. Your Full Name
Again, this is something that’s all over the Internet. So you might not think of it as valuable information to a thief. However, with the number of nicknames, shortenings, and aliases that people use, having your full first, middle, and last name can be quite valuable to a thief. Especially if they’re looking to open a new account in your name.
“Name as it appears on card” is also an important check that’s made on many online purchases. So if a thief knows your full name, they’ll be able to make a better guess at what might be on your card.
3. Social Security Number
This is an obvious one. It’s used for confirming your identity in a wide variety of places, from opening a PayPal account to get government documents. It can be used to get a new bank account, access online accounts, file a fraudulent tax return, or even be given to police upon arrest, implicating you in a crime you didn’t commit.
In short, the social security number (or another similar identifying number, if you live in another country) is a jackpot for an identity thief. And once they have this number, it’ll be much easier to get the other information they need to steal your identity.
4. Banking PINs
Your personal identification numbers should randomized. But a huge number of people use combinations like “1234,” “5280,” and “1111” to secure their credit and debit cards. Thieves know this, and if you have a weak PIN, you’re much more likely to suffer some form of theft if you lose one of your cards.
Using birthdates, anniversaries, or other personal information that could be guessed from a quick look at your Facebook account isn’t a good idea, either. And be sure to use different PINs for different accounts; if an identity thief gets into one account, you don’t want to give them free access to another!
5. Physical and Email Address
Both of these can be used for phishing in an attempt to get you to give away identifying information, and past addresses can also be used for identity verification by financial institutions. When you open a bank account online, you’ll sometimes be asked if you’ve been associated with a particular past address. This can lead to whaling, a type of cyberattack that’s worse than phishing.
Your email address is also your username for a lot of online accounts, and with the right pieces of other information, a thief could access the account or reset the password. Like our birthdays, our email addresses are usually pretty easy to find. But you may want to consider putting it out there a little less.
6. Phone Number
Your phone number isn’t used for identity verification very often, but it can be put to great use by a talented phisher — getting in touch with you by phone and claiming that they’re with a financial or governmental institution is a favored method for getting more pieces of identifying information.
Most people are pretty hesitant to give out their phone numbers, but one slip-up could mean you have scammers on the way. It’s a good idea to stay vigilant about giving out your phone number, but being a little suspicious of people who call is probably warranted, too.
7. Driver’s License or Passport Number
Both of these numbers can help identity thieves get more information about you, including your full name, date of birth, nationality, and even address. If your actual license or passport is stolen, it can be altered to include a picture of someone else, further complicating the situation and potentially giving a thief access to parts of your life that you thought were well-protected.
A passport is especially dangerous, as it could lead to identity theft on an international level — accounts could be opened in your name in other countries, any existing accounts in other countries could potentially be accessed, and it’s even possible that an altered passport would allow a thief to travel internationally under your name.
8. Your Affiliations, Memberships, and Employer
Again, you might not think that this is information that would be valuable to an identity thief. But it can be of great use during a phishing expedition. Most people are much more likely to give out identifying information if they think they’re talking to someone from a group that they belong to. It could be an employer, a sports club, a fan club, or even an Internet group.
As with any means of phishing, your best bet is to be vigilant and make sure that you’re talking to who you think you’re talking to. If someone asks for personal identifying information, it’s a good idea to confirm with the organization that they need it and that someone called for it. If it’s a bank or your employer, just go into a local branch or work to share the information instead.
9. Card Expiration Dates and Security Codes
When you make an online purchase with your credit or debit card, you usually need to enter the expiration date and security code. If a thief has your card number and these pieces of information, they can probably use your card with free reign on the Internet. Advanced skimmers can now get this information from an infected terminal. But phishing is still a common method for obtaining this information.
As with pretty much any other piece of identifying information, don’t give this out unless you’re absolutely sure that you’re talking to someone who needs it. Phone phishing scams can target this sort of information. And just because someone says they’re from your credit card company doesn’t mean they’re asking for your benefit. Even if your caller ID tells you the same.
10. Account Numbers
Checking and savings account numbers, credit and debit card numbers, and even retirement and investment account numbers are all highly sought after by identity thieves. With the right combination of account number, another identifying piece of information, and a password or PIN, a thief could gain access to any of these accounts and start siphoning away money.
In general, you probably don’t share account numbers very often. So you probably don’t need to do a whole lot more to protect this information. Just make sure not to keep your account numbers in places where they shouldn’t be. Like written down on a pad of paper in your desk or in a plain text file on your desktop.
With the rise of healthcare fraud, it’s also a good idea to protect your health insurance numbers and any other similar information you might have.
How Can You Prevent Identity Theft?
Sometimes, you can’t prevent a big data breach or ever fully protect yourself against identity theft. There are some measures you can take to make yourself less vulnerable. Here are some quick tips:
- Make sure you have a strong password that has many characters. Including a mix of lower- and upper-case letters, numbers and symbols. And also make sure your password has no personally identifiable information or dictionary words.
- When you’re online, make sure the sites you visit are secure. The URL will usually have a lock in the left-hand corner and start with “https”.
- Enable two-factor authentication. So you’ll need to enter a code from your phone to access your accounts.
- Check your financial transactions often, and keep tabs on your credit reports to look for any changes.
There’s no shortage of ways hackers can use your information, and they seem to be getting ever more creative.
Of course, there are no foolproof methods to prevent identity theft. But taking precautions and catching signs of identity theft as early as possible can help immensely.
This post is also available in: Español (Spanish)