Impersonating someone is an activity as old as mankind and has been performed to a great comedic effect by comedians and clowns throughout the ages. Unfortunately, identity theft is not a laughing matter, as it could potentially have devastating effects on a person’s life.
Keeping your identity safe used to be much simpler than it is today. Cyber security watchdogs have reported that during the period of the COVID-19 pandemic the global losses experienced due to identity theft have doubled from those reported in 2019.
These are not large organizations either. Many people fall into the traps set by threat actors. In this article, we’ll share the seven most common forms of identity theft taking place today.
Online Account Takeovers
The first form of identity theft is called Online Account Takeover. With Account Takeovers, also referred to as Account Hijacking, a threat actor gains the credentials of a victim’s online account to a platformer service. The threat actor proceeds to modify the victim’s account in such a way that the victim no longer has access to their account. This typically means that the account recovery email address and password are modified.
This provides the threat actor with multitudinous opportunities to exercise this new identity to exploit others. In the case of social media, this violated identity would still be seen by others as a person they know and trust.
Visit this page for more information on how to prevent Account Hijacking.
Social media account cloning
Have you ever received a friend request on a social media platform from a family member or friend who you know is already a friend? This might be a case of Social Media Account cloning. This happens when a threat actor creates a social media account identical to your own.
By impersonating the victim, the threat actor can easily persuade friends and family members to divulge sensitive information online, enabling the threat actor to cause serious damage to the victim’s reputation and livelihood.
Social Security Number Identity Theft
Wherever you are, having a citizen’s government identifier compromised is extremely bad news. In the US, it is not that different either. Social security scams have left many Americans in terrible circumstances. In a typical Social Security Number scam, a threat actor would create a website that looks exactly like a trusted institution.
Through social engineering on the threat actor’s part or a lack of cyber discipline on the victim’s part, a threat actor coerces a victim to an online platform where PII (Personally identifiable information) is required to perform a task. Sometimes along the line of: “confirm your information, or your account will be locked”.
The unsuspecting victim enters their PII with their Social Security Number, giving the threat actor exactly what they need to create a completely fraudulent persona. This persona would have all of the legal abilities of a US citizen, such as taking out loans, applying for credit cards, etc.
Online Shopping Fraud
This kind of fraud normally relies on an online victim who is desperate to purchase an item at a greatly reduced price. Threat actors set up a fictitious online store where they are “selling” expensive items at a low price. The user then registers on the online shop, and just like that, a treat actor has their credentials.
The key here is that many online users utilize the same usernames and passwords for all of their online accounts (a big mistake, as you understand by now), and this is what the threat actor is banking on.
In Conclusion
Having good cyber disciple is one of the best ways to avoid becoming a victim of this senseless flavor of cybercrime. Protecting your privacy comes down to a few very effective measures you can put into place.
Cyber discipline can be summarized as follows:
- Having strong passwords that are unique for every online site you have subscriptions for.
- Keep a watchful, ever-skeptical eye out for social engineering tactics.
- Install strong anti-malware software on your devices.
- Avoid using public Wi-Fi connections unless you have a VPN through which your device can connect to the internet.
- Never use your business email address to register for personal and social media accounts.
- Be very stingy with all of your PII.
