Identity Theft: What is it and How to Avoid Scams

What is Identity Theft? 

Identity theft is when someone (likely a hacker or cybercriminal) steals and uses your personal information, such as your name, Social Security number, birthday, and more, to commit fraud and impersonate you. Hackers usually commit identity theft for some form of financial gain through your accounts. There are many ways a hacker can commit identity fraud, including: 

• Hacking into social media and financial accounts  

• Stealing credit card information 

• Email phishing 

• Ransomware attacks/Malware attacks 

• Tech/Help Desk support fraud 

• Data breaches 

Hackers use these various methods to steal your personal data and then impersonate you. They can take this information and use it to open new bank/credit card accounts, use your medical insurance, withdraw funds from existing accounts, turn on utilities, and even steal your tax refund! 

According to AARP, identity theft cost Americans upwards of $43 billion dollars in 2023 alone. This number is only expected to grow with the continued targeting of vulnerable groups such as the elderly, children, college students, and other unknowing victims. With the large amount of personal information available online it is only becoming easier and easier for hackers to gain access to personal data. To be prepared, you should know how it happens and ways to protect yourself.   

How Identity Theft Happens  

As mentioned above, identity theft happens when a hacker steals your personal information and uses it for their own gain. But how exactly does that happen? According to Equifax, there are many ways your identity can be stolen, and hackers can obtain information such as: 

• Stealing your wallet along with your ID, credit cards, medical cards, etc.  

• Going through trash to find bills, statements, checks, and other forms with personal information.  

• Obtaining records from place of employment. 

• Hacking into social media and back accounts by using personal information found online. 

• Clicking on phishing emails, texts, and websites created to steal information.  

• Data breaches that expose your passwords.  

• Hackers monitoring public Wi-Fi. 

• Scammers buying personal data on Dark Web. 

• Ransomware/Malware attacks on individuals or corporations. 

These are just a handful of ways hackers and scammers can obtain your confidential information. With the growth of technology, comes the growth of ways hackers and scammers can access data and commit identity theft. But don’t worry, there are ways you can protect yourself! 

Prevention Tips  

While there are many ways hackers can access and obtain your personal data, there are also ways you can protect yourself and your family. You should always keep a watchful eye on your accounts, but there are some tools and methods you can use to help you with that. Here are five prevention tips to help protect your identity from hackers and scammers.   

Enable Fraud Alerts 

One of the best ways to protect yourself against identity theft is to enable fraud alerts for you bank or credit card. Many financial institutions, like Chase and Wells Fargo, will text, email, or alert you through their app when you make a purchase or if any suspicious/large purchases are made. They can also alert you of any suspicious withdrawals or checks being cashed. Fraud alerts are a great way to catch identity fraud early on.   

Password Variation 

Never use the same passwords for all your accounts. Ensure all your passwords are long, unique, and kept private. When creating a password, always include numbers, characters, upper and lowercase letters, and variation throughout. The National Institute of Standards and Technology recommends making your passwords AT LEAST 15 characters long. The longer the password, the harder your accounts are to hack into. Also, avoid generic passwords or any names or number orders (birthdays, anniversaries) that could be found online.  

Do not give your passwords out to anyone or any company. Companies should NEVER ask you for passwords through email or over the phone. You can save your passwords into databases like Dashlane and ElePass, but ensure that they are also set up with strong passwords and multifactor authorizations.  

Install Anti-Virus Software 

Installing Anti-Virus Software is a great way to prevent hackers from accessing your accounts. This type of software can detect and prevent malware or ransomware from infecting personal computers and other devices. Anti-Virus Software constantly monitors files and applications checking for any suspicious behavior. It can also alert you of any suspicious activity, so you can catch potential hackers early on.  H3:

Utilize Two-Factor Authorization 

Two-Factor Authorization (2FA) should be enabled on as many accounts as possible. This extra layer of protection helps prevent hackers from gaining full access. 2FA requires one or more additional identifiers to be added to the account. These identifiers include: 

• SMS Text/Email Authorization  

• Authentication Apps (Microsoft, NordPass) 

• Biometric Authorization (Fingerprints, Face ID) 

• Pins  

Having one or more of these in addition to a strong password can greatly decrease your chances of being hacked. You should have 2FA for all accounts but especially social media, bank, and credit card.  

Shred Documents  

This tip is an easy one, simply shred all documents with sensitive information. While shredding is best, you can also tear up or black out documents before throwing them away. There have been occurrences of people going through trash to find documents with personal information to use to hack or scam. There is also a rise in check fraud in recent years with, most likely due to mobile banking and people not disposing of deposited checks properly. Shredding documents ensures that your sensitive information stays protected.  

Be Aware of Phishing Scams 

Phishing scams typically come in the form of fake texts, emails, and phone calls. Scammers will typically impersonate a real company, or even the government, to gain access to personal data. These emails and texts can look legitimate, but there are some signs to look out for: 

• Check for suspicious email addresses containing randomized numbers and letters. 

  • For example: micros0ft[.]com, Wellsfarg0[.]com, etc. 

• Look for a generic greeting such as “Dear Customer”. 

• Check for glaring grammar and spelling errors. 

• Read for any insistent language to click on a link to go to an external page.  

• Check for any oddly labeled attachments. 

• Be suspicious of urgent requests. 

Phishing emails and texts are becoming more and more common, but so are phishing phone calls. These are especially dangerous because they target the elderly with false claims about their accounts. Unless you reached out first, companies tend to not call customers with any concerns about your account. Companies will also never ask for confidential information, such as your Social Security number or passwords, over the phone.  

The Cost of Identity Theft 

The cost, for an individual, of identity theft is anywhere between $500-$10,000. While monetary cost is a big deal, there is also the cost of time put into resolving the aftermath of identity theft. According to a survey done by Money.com, for 43% of victims it took a week or less to resolve while 38% responded that it took between a week to three months to resolve. A small percentage (10%) answered that it was as long as 12 months before their case was settled and another 10% never resolved their case.  

Recovering from Identity Theft 

If you have already been affected by identity theft, there are ways to recover! It can take some time, but here are the steps you can take to begin recovery:  

Step 1: Freeze all financial accounts 

As soon as you notice any suspicious activity, immediately freeze ALL your accounts, even if they haven’t been tampered with yet. You must contact the institution where the theft/fraud first occurred. Contact the rest of your financial institutions and alert them of any suspicious activity. You may even want to consider completely closing these accounts. This will prevent further damage and limit access to your other accounts. Changing all your passwords, even on social media, can give you a good head start towards recovery.  

Step 2: File a report with your local police department and the FTC  

You can visit IdentityTheft.gov. and fill out a form to alert the FTC of the crime and receive a recovery plan. This will help you keep track of your recovering and give you the forms needed to continue your recovery process. You can also use the report from the FTC to alert your local police station of the crime committed and they can help you with further steps. 

Step 3: Take account of all damages 

Look through all your accounts and take note of all charges, withdrawals, and any other transactions you did not make. Examine all statements and bills to check for further activity. Monitor your credit score and any new accounts being opened in your name that you did not authorize. Keep track of all your accounts while your case is being investigated and alert the authorities of other suspicious activity that pops up. 

Step 4: Dispute charges 

Once you have taken note of all damages and charges, it is now time to file disputes. Alert your financial institution of which charges you did not make so they can begin to investigate immediately, and you can get your funds returned to you or reverse any charges.  

Step 5: Continue monitoring your accounts and educate yourself 

While your investigation is pending, continue to monitor your accounts and any new accounts or credit card you've opened to replace the old ones. Also, take some time to educate yourself on ways to further protect your identity and prevent this from happening again.