Top 5 Identity Theft Tactics Fraudsters Use

Technological innovation has revolutionized the way business operates. The instant, globalized connectivity has allowed companies and institutions to better understand their customer’s needs, identify new markets, and improve their operations.

Unfortunately, technology has also changed the way crime operates. Cybercrime, such as identity theft, fraud, and data hacking, are all on the rise in Canada. In 2018, Canadians lost a record $12.2 million from identity-theft related causes, a $9.5 million increase from the year before.

Identity theft is a serious crime. Every year, bad actors scam, skim, and mine personal data and information from unsuspecting victims to commit fraud and theft, and this isn’t a localized problem, either.

In Europe, one in five Europeans has reported having suffered from identity theft or fraud. Globally, consumers have lost more than $1.9 billion to identify theft and fraud in 2019, a statistic that’s rife with emotional and financial distress.

1-ID is one of the ways you can safeguard your business and clients against identity theft. Before we get into our automated, digital solutions, let’s explore what online identity theft is and 5 of the most common tactics bad actors use to conduct it.

Online Identity Theft – What is it?

Online identity theft is when bad actors, fraudsters, or scammers steal or use somebody’s personal information to commit fraud and/or theft. The type of sensitive information that gets stolen includes but is not limited to the date of birth, banking information, government-issued ID such as driver’s licenses and passports and online passwords.

While social media platforms, eCommerce websites, and even online banking have changed the ways many of us live our online lives, these new technologies have also opened up new avenues for thieves to commit fraud. The amount of personal information shared on social media, poorly protected passwords, and elaborate phishing scams have all contributed to 14.4 million victims in 2018.

Here are 5 of the most common identity theft tactics fraudsters use so you can better prepare and protect yourself.

5 Top Identity Theft Tactics Fraudsters Use

Phishing

In the United States, the FTC reported that the most common identity-theft related crimes were phishing scams. Phishing scams involve imposters pretending to be members of a genuine organization, government institutions, or other official body to trick a victim into giving up their sensitive information.

Tactics include spoofed phone calls, fake e-mails designed to look identical to official ones, and websites that install malware that can only be removed by surrendering personal information and/or a cash ransom.

As technology becomes more and more sophisticated, so do phishing scams. The advent of deepfakes, cloaked websites, and voice modulators all contribute to identifying, verifying, and authenticating challenges in today’s digital economy.

Social Media Networks

Social media networks present perhaps the largest vulnerability to personal user information today. Not being careful about the sensitive information you post online, the comments you make, or the people you add as contacts lead to your personal data becoming public.

With social media networks becoming more prevalent, bad actors can simply skim through a user’s public profile, comment history, and “likes” to gain access to their personal information, all without contact or impersonation.

In 2016, the BBC reported that identity fraud was up by 57% as thieves “hunt” for personal information from social media sites. The report stated that while “some personal details were found by hacking computers… [an] increasingly fraudsters used social media to put together the pieces of someone’s identity.”

Data Breaches

Data breaches are becoming increasingly commonplace as businesses and institutions struggle to keep up with security threats. Some of the most significant data breaches to date include:

These three platforms are the most prominent, but there are hundreds, if not thousands, of more instances where sensitive information has either been leaked or breached online by bad actors.

Causes for data breaches include:

Unsecured user credentials
Software/hardware/application vulnerabilities
Physical attacks

Pharming

Pharming is a fraud technique where bad actors utilize malicious code and fake websites to frame a bogus site as a legitimate one. This malicious code redirects the user to the criminal’s site through a technique known as DNS cache poisoning. From there, the user will unknowingly submit their personal information to the fraudster, unaware that they’re on a bogus site.

Notable examples include a pharming attack that exploited a Microsoft vulnerability in early 2006. The attack saw at least 50 financial institutions suffer from site spoofing and skimmed the personal information off users for 3 days before Microsoft could patch the vulnerability.

Vishing

Like phishing attacks, vishing is conducted by bad actors over the telephone and in-person by impersonators pretending to be legitimate businesses and government or financial institutions.

Vishing attacks work when imposters contact a business on or offline, pretending to be part of an organization they’re not to steal their personal information.

With Voice over Internet Protocol (VoIP) and other digital calling technologies, criminals can now easily and inexpensively mask their identity, hide their location, and spoof their calls to make it seem like they’re legitimate.

How to Protect Your Business and Clients From Identity Theft and Fraud

While we’ve covered the top identity theft tactics fraudsters use, these are only the tip of the iceberg when it comes to cybercrime. Cybercriminals are becoming more and more advanced, and security software has to outpace bad actors to safeguard your business and your clients’ personal information.

Here’s how you can protect your business and your clients from identity theft and fraud.

Practice Better Cybersecurity

It’s better to treat the cause, not the symptoms, but it’s even better to aim for prevention instead of a cure.

Today, many businesses and institutions suffer from weak credentials, application vulnerabilities, and human error, contributing to vulnerable points in their security. Examples of the practices you could implement to boost your security include:

Connecting only to a secure and identifiable internet network.
Avoid opening unknown links, emails, or pop-ups.
Using strong passwords and multi-factor authentication.
Provide data breach training to staff and administrators.

Adopt 1-ID’s Secure and Automated Identification, Verification, and Authentication Solution

1-ID protects against fraud and authenticates all forms of identification through comprehensive, multi-factor checks. Matching phone numbers to wireless service provider data, virtual in-person video conferences, and in-person meetings are just some of the ways 1-ID takes authentication one step further.

For authenticating documents remotely and automatically, 1-ID’s AI-powered scanning technology parses MRZ data, checks for image doctoring, and validates content attributes to verify passports. 1-ID’s automated APIs detect, extract, and verify data against our existing information on file to validate with 100% accuracy.

Whether your objective is to minimize fraud, prevent identity theft, or approve and verify customers faster, 1-ID provides one comprehensive, straightforward solution for all of your identification, verification, and authentication needs.

With Canadian identity theft and fraud on the rise, businesses and institutions need a reliable, accessible, and easily implemented method to combat fraud and identity theft. No matter the sector, 1-ID can help you bring on clients and merchants faster and more securely by reducing friction, minimizing fraud, and decreasing costs while staying completely compliant.

Onboard quicker, reduce processing times and scale your business with our 1-ID solutions.

For more information, click here to find out which solution best fits your business.