Been refused a loan? Sudden flurry of junk mail or spam? Many people don’t realise when they’ve fallen victim to identity theft.
We examine how to recognise the signs of identity theft, the damage identity fraud can do, and how to lower the risk to yourself and your business.
What exactly are identity fraud and identity theft?
Identity theft occurs when a person’s personal information, such as their name, date of birth, current address, or former addresses, is taken with the aim to commit identity fraud. The identity of a company can be stolen and misused in the same way.
When stolen information is used to commit fraud, in other words getting goods or services through deceit, that is called identity fraud. ID fraud can also take the shape of a money-laundering operation, such as when the victim’s money is used to buy products that are then sold on after being delivered to the fraudster.
How common is identity fraud?
In the UK, 226,000 cases of identity fraud were reported in 2021, with people 60 and older being the most commonly affected age group. In fact, there were 180,000 reports of fraudulent behaviour in the first half of 2021, an 11% rise from the prior year.
How can personal or company information be stolen?
Identity information can be stolen by a number of methods, with the following being the most common ones:
Physical theft
Having your belongings taken from your pockets, luggage, home, or being mugged gives thieves access to your ID in many forms.
Vishing and cold calling
This means con artists calling potential customers under the guise of a reputable company in an effort to obtain their personal information and other financial details.
Hacking
This might be the result of thieves breaking into a computer or phone to obtain information.
Pharming
Fraudsters frequently send emails, SMS (smishing), or instant communications that appear to have been sent by reputable businesses. These either have an attachment that downloads malware onto the victim’s machine or a link that leads to a bogus website intended to collect information.
Malware
You can be infected with malware from hacked or fake websites or emails, including keylogging applications.
Data breaches
Criminals who commit identity theft sometimes obtain data directly from a breach, or buy it from other criminal forums on the dark web. Sometimes it is shared from another breach, or discussed in private conversations between rogue employees and their handlers or accomplices.
Bank statements and other account statements
Bank and pension statements, among others, may be intercepted and stolen, or taken from personal documents that have been found in the rubbish. Be aware of what goes in your recycling bin.
Social media
Excessive social media sharing can give away birthdays, maiden names, primary schools, pet names and other typical security information used to protect confidential data.
Shoulder surfing
Who is behind you at an ATM or when making purchases?
Websites
Amazon and an increasing number of websites may store your credit card information. How good is their security?
How to recognise if your identity has been stolen and fraudulently used
A number of warning indicators could mean that you have been the victim of identity theft, in other words that your identity has been stolen and may have been used fraudulently.
These consist of:
- Your regular delivery of bank or utility bills and statements, as well as crucial documents like a passport or driver’s licence, has been disrupted.
- Unaccounted-for purchases or items show up on bank or credit card statements.
- You are advised that you are already claiming when a claim for state benefits is being prepared.
- Bills or receipts for products or services that you did not request or use arrive.
- Suddenly, financial services, credit cards, or loans are refused, which is a sign that your credit rating has declined.
- Letters from debt collectors or solicitors for unpaid obligations arrive.
- You may simply get a sudden influx of junk mail or spammy marketing emails. These may be your only clue that someone has signed up to a service in your name.
Identity theft and ID fraud’s effects
The impacts of identity theft-related ID fraud can extend for months or even years and can include psychological and emotional consequences from the crime itself, and from whatever financial concerns it may have generated, such as anxiety, a sense of violation, disrupted sleep, sadness, and potentially even suicidal emotions.
Financial issues may necessitate borrowing money (from relatives, banks, payday lenders, or credit cards), which could result in even more serious financial issues in a downward spiral.
Physical sickness symptoms, such as high blood pressure, heart palpitations, exhaustion, aches in the muscles, and more have been reported by many victims.
How to deal with identity theft and fraud
Following identity theft and fraud, recovery may require any of the following measures.
Report the fraud as soon as it is found by contacting banks, credit card companies, the police, and Action Fraud. It may only take one month once credit card companies are notified for the credit to be recovered.
You may need to back up claims regarding phoney bank accounts, loans, and other instances of identity theft. Using Google Maps, your calendar, phone, and email records, among other resources, you can trace and describe your movements at the time of the scam. Sometimes, this can take months or even years.
Compile a list of all your banks, lending institutions, credit card issuers, online retailers, and PayPal accounts in order to examine and investigate each one for any irregularities, both at the time of the fraud itself and moving forward.
You may have to invest additional money hiring a lawyer, or to get professional assistance from a specialist in issues relating to identity theft and fraud.
How to prevent identity fraud and theft
There are various things you can do to lower your risk of being an ID theft and fraud victim. Prevention is always better than cure.
Refrain from oversharing or disclosing extremely personal information on social media, and stay away from quizzes that ask for personal information. Make sure that only people you trust can see your personal postings on social media by checking the privacy settings, and keep an eye out for odd friend requests or communications.
Watch out for any phishing scams. Don’t, for instance, open or download any attachments from questionable or unsolicited emails (or SMS messages), or click on any links in them (which could lead to phishing sites or malware downloads). Additionally, be on the lookout for “vishing” calls and refrain from providing callers with any personal information or account information. If in doubt, end the conversation and call back at what you are certain is the correct number.
Consistently look over your bank and credit card accounts and activities for any strange activity.
Frequently change your passwords, keep your antivirus software up to date, and install security patches. Make sure reputable antivirus software is installed, security verification is enabled, and locking is configured on all devices, including the phone.
Avoid throwing personal documents out with the rubbish. Shred them instead. If you are at home and don’t have a shredder, rip them up vertically so you separate numbers like sort codes, account numbers and so on, and then bury them in old food or other wet refuse that will damage the paper.
Immediately report any missing statements or personal documents that were ordered but have not yet arrived.
Exercise caution and vigilance at ATMs and other locations where “shoulder surfing” can occur.
Immediately report any loss or theft of any cards, of any personal property that may include ID information.
Moving home or office premises is a very vulnerable time. Since we don’t use ID cards in the UK, it only takes a few of your bills or other documents to go to your old property left vacant, and someone has the necessary evidence to open a bank account or raise a loan in your name and also to hack into your genuine online accounts. If you’re moving, make sure the new address is provided for all personal correspondence or that a forwarding service is set up with the Royal Mail. Conversely, be aware that we have heard of cases of people having their mail redirected by a criminal even when they had not moved, so if bills and other documents that you are expecting fail to arrive, follow up with the Post Office and check what is happening.
The implications for your business
As a business, you face two sides of this problem. Your employees could fall victim to identity theft or ID fraud, and this serious issue has been getting worse since 2021. Your legitimate company could also be used as a front for fraudsters to impersonate, so they can lure your customers into sharing personal data.
Developing good habits like shredding documents with personal information and reporting anything out of the ordinary right away could also help lower the risks that we are all exposed to from criminals who are becoming more daring and creative while employing more sophisticated technological techniques.
The greatest defence at work, as well as in your personal life, is to follow the maxim “less is more” when it comes to disclosing personal information, to regularly check accounts and change passwords (and avoid sharing passwords), and to be generally aware of risks like phishing, vishing, and smishing.
