Personal Identity Theft as a growing cybercrime concern
We’re in a time where personal data passes around devices, websites, and networks on a daily basis. Hour by hour, info travels from node to point, in part because of online purchases, search queries, and website logins, to name a few sources. But because of this deluge of data, it makes it easier – and common – for personal info to find itself in the wrong hands.
A 2022 Consumer Impact Report conducted a survey of 1371 consumers, finding that roughly half had dealt with an attack related to their personal information. Furthermore, the survey found that attacks to steal personal data are increasing in complexity.
Other tidbits of the survey revealed additional troubling facts. Unresolved cases, whereby an affected user did not recover data or was the victim of an identity-based attack, increased to 55 percent between 2020 and 2021. Another staggering number is social media attacks. For instance, social engineering attacks average 1000% increases on an annual basis. Those attacks don’t come without cost, either, with 51% of those surveyed reporting they had lost money to scams or other means. Common financial losses come in “under $500,” though some extreme cases report losses of up to $10,000.
Reasons for the attack increase
The data paints a harrowing picture, as identity theft increases in both frequency and cost. But why are the attacks rising? The reasons are various, though some key factors point to the primary causes.
First is the nature of social media, websites such as Facebook especially. Facebook has observed a surge in phishing, misinformation, and deception-based attack for several years. It makes sense, given that it’s a hotbed of connections with proximity access to friends, family, and even business relations. Thats why account takeovers are so valuable, granting hackers access to a web of attack surfaces.
Other factors, like mobile device use, contribute to the attack saturation. Growth and utilization of mobile hardware, from smartphones to tablets to touch-screen laptops, create perfect windows for attackers. Added to unsecured wireless connections, or, WAN networks with limited security, hackers have numerous opportunities to escalate attacks and hijack info.
This personal info theft is different because it’s not ransomware or infection of a system. Instead, identity thieves use it to steal information, falsify data, and even make purchases, but acquire it through various means. It’s not much different from identity theft scams of the early internet days, but placed in a digital sphere. If a user isn’t aware, both their credit and finances can take a huge hit.
Stopping the attacks
The bigger question (and problem) on everyone’s mind then is stopping personal theft attacks. The good news is the best defense is one of awareness, no costly software needed. Primarily, as with many breach attempts, a little scrutiny goes a long way. And, practicing good personal security habits can go a long way in protecting personal data. In other words, caution, second-guessing, and zero trust are ways to reduce the chance for personal identity theft attacks. Also, shredding and cutting cards, sensitive documents, and bank statements before disposal can prevent theft too.
These are specific to shielding personal identity, and include:
- Closely monitoring credit reports for unusual spikes in activity and/or use of credit cards
- If not already, setting a PIN for mobile devices and websites (where relevant)
- Activating two-factor authentication for banking services
- Checking bank accounts for any unusual activity while setting up alerts
In many cases, banks and creditors will protect against fraud, if it’s reported early enough. The catch, of course, is quick discovery. Those who find erroneous and malicious use of funds and social credentials can report that to their bank to recover funds (usually), another reason to keep a close eye on personal info if you suspect it’s been stolen.
As for social media, that comes down to recognizing false information on the fly, which is easier said than done. Some hallmarks of shady activity however relate to requesting personal info and/or login information from unknown parties.
Though phishing, ransomware, and malware are still leaders in cybercrime, personal identity theft remains a serious concern.