Thursday, March 28, 2024

My Identity was Stolen! Here’s How You Might Become a Target

Impersonating someone is an activity as old as mankind and has been performed to a great comedic effect by comedians and clowns throughout the ages. Unfortunately, identity theft is not a laughing matter, as it could potentially have devastating effects on a person’s life.           

Keeping your identity safe used to be much simpler than it is today. Cyber security watchdogs have reported that during the period of the COVID-19 pandemic the global losses experienced due to identity theft have doubled from those reported in 2019.

These are not large organizations either. Many people fall into the traps set by threat actors. In this article, we’ll share the seven most common forms of identity theft taking place today.

Online Account Takeovers

The first form of identity theft is called Online Account Takeover. With Account Takeovers, also referred to as Account Hijacking, a threat actor gains the credentials of a victim’s online account to a platformer service. The threat actor proceeds to modify the victim’s account in such a way that the victim no longer has access to their account. This typically means that the account recovery email address and password are modified. 

This provides the threat actor with multitudinous opportunities to exercise this new identity to exploit others. In the case of social media, this violated identity would still be seen by others as a person they know and trust.            

Visit this page for more information on how to prevent Account Hijacking.

Social media account cloning 

Have you ever received a friend request on a social media platform from a family member or friend who you know is already a friend? This might be a case of Social Media Account cloning. This happens when a threat actor creates a social media account identical to your own.  

By impersonating the victim, the threat actor can easily persuade friends and family members to divulge sensitive information online, enabling the threat actor to cause serious damage to the victim’s reputation and livelihood. 

Social Security Number Identity Theft

Wherever you are, having a citizen’s government identifier compromised is extremely bad news. In the US, it is not that different either. Social security scams have left many Americans in terrible circumstances. In a typical Social Security Number scam, a threat actor would create a website that looks exactly like a trusted institution.     

Through social engineering on the threat actor’s part or a lack of cyber discipline on the victim’s part, a threat actor coerces a victim to an online platform where PII (Personally identifiable information) is required to perform a task. Sometimes along the line of: “confirm your information, or your account will be locked”. 

The unsuspecting victim enters their PII with their Social Security Number, giving the threat actor exactly what they need to create a completely fraudulent persona. This persona would have all of the legal abilities of a US citizen, such as taking out loans, applying for credit cards, etc.   

Online Shopping Fraud

This kind of fraud normally relies on an online victim who is desperate to purchase an item at a greatly reduced price. Threat actors set up a fictitious online store where they are “selling” expensive items at a low price. The user then registers on the online shop, and just like that, a treat actor has their credentials.   

The key here is that many online users utilize the same usernames and passwords for all of their online accounts (a big mistake, as you understand by now), and this is what the threat actor is banking on. 

In Conclusion

Having good cyber disciple is one of the best ways to avoid becoming a victim of this senseless flavor of cybercrime. Protecting your privacy comes down to a few very effective measures you can put into place. 

Cyber discipline can be summarized as follows:      

  • Having strong passwords that are unique for every online site you have subscriptions for. 
  • Keep a watchful, ever-skeptical eye out for social engineering tactics.  
  • Install strong anti-malware software on your devices.
  • Avoid using public Wi-Fi connections unless you have a VPN through which your device can connect to the internet. 
  • Never use your business email address to register for personal and social media accounts.
  • Be very stingy with all of your PII. 
Website

Latest articles

Hackers Actively Exploiting Ray AI Framework Flaw to Hack Thousands of Servers

A critical vulnerability in Ray, an open-source AI framework that is widely utilized across...

Chinese Hackers Attacking Southeast Asian Nations With Malware Packages

Cybersecurity researchers at Unit 42 have uncovered a sophisticated cyberespionage campaign orchestrated by two...

CISA Warns of Hackers Exploiting Microsoft SharePoint Server Vulnerability

Cybersecurity and Infrastructure Security Agency (CISA) has warned about a critical vulnerability in Microsoft...

Microsoft Expands Edge Bounty Program to Include WebView2!

Microsoft announced that Microsoft Edge WebView2 eligibility and specific out-of-scope information are now included...

Beware of Free Android VPN Apps that Turn Your Device into Proxies

Cybersecurity experts have uncovered a cluster of Android VPN applications that covertly transform user...

ZENHAMMER – First Rowhammer Attack Impacting Zen-based AMD Platforms

Despite AMD's growing market share with Zen CPUs, Rowhammer attacks were absent due to...

Airbus to Acquire INFODAS to Strengthen its Cybersecurity Portfolio

Airbus Defence and Space plans to acquire INFODAS, a leading cybersecurity and IT solutions...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles