3 Risky Scenarios For Your Identity Online
Since we use real data to create our digital identity (social security number, name, address, email addresses, and social media channels), we can see it is a bridge between the virtual and the real world.
Now, most online users know not to make sensitive information public. Still, this can’t be helped when working with services like online banking, health organizations, online shopping, or your workplace (among others). Due to the fast development of internet services, we can do most of our tasks & chores online. And, in most cases, we are safe from the prying eyes of ill-intended actors.
Of course, there are exceptions. Moreover, the last couple of years brought a new level of threats aimed at a wide range of organizations and individuals. And all this happened on a background of increasing instability all over the world.
For instance, at the beginning of 2020, ill-intended actors exploited people’s fear and need for knowledge related to the pandemic. As a result, many individuals simply handed over their personal data to dark web dwellers, in schemes that may not be as effective during times of stability.
Therefore, in an effort to increase awareness of online identity thefts and how they happen, here are the top three most common scenarios that everyone should be aware of.
#1: Good Old Phishing
This is an old scam that’s still highly efficient today. In short, the user receives an email from an official-looking government department (the FBI or the IRS, to make sure the user pays attention). In the email, the user is required to confirm their identity by clicking a link that leads to a data confirmation form on the so-called official website (a copied version of the site, but with a different URL).
The user will introduce the requested data, at which point they will be notified the confirmation was successful. However, in the background, the data go to the criminals’ database. Therefore, they now have full access to your account and extra personal information to complete your profile (fully completed profiles sell well on the dark web market).
Pay attention: Recently, phishing attacks target financial data and credentials for your bank accounts.
How to Avoid this Scenario
Never click on links received via email, even if the email seems 100% legit. If the email asks for immediate action, call your bank or organization using a phone number you trust (from their official website). Talk to one of their representatives and ask about the email.
Also, there are other ways to avoid identity theft, especially when it comes to financial information.
#2: Email Account Take Over
Our main email address is extremely important nowadays. We use it to connect to our smartphones and sync our data from multiple devices. We also use it as a recovery method for other accounts and to create secure cloud accounts.
So, it is only natural that email addresses and passwords are extremely valuable on the dark market. Sadly, many people don’t understand the power of two-factor authentication or don’t want to be bothered by it. Therefore, email hacking is common, especially when you use weak passwords.
When an account is hacked, the actor behind it will take over the account. And, before anything else they can employ a cheap scheme that almost always works. The hacker will send out a mass email to your list of friends, saying you are stranded in a third-world country, without a phone or wallet. To help you out, the friend should wire a certain sum (usually $1000) to the given account.
How to Avoid this Scenario
The first step is to activate two-factor authentication and make sure you use strong passwords. Second, if you receive an email saying your friend is stranded somewhere, first call them. They may not be aware that their account was taken over. Also, look for grammar mistakes and odd phrases – cybercriminals don’t tend to pay attention to grammar.
#3: New Account Fraud
Data breaches are the main method used by cybercriminals to extract valuable information. This is how they can get hold of your name, address, phone number, SSN, bank account, and more. Once they have a complete profile, it is easy to open a new bank account, apply for a loan or credit card, or contract utility services in your name.
How to Avoid this Scenario
Once you’re informed one of your accounts may be part of a data breach, immediately change the password for the account. Also, never use the same password for multiple accounts!
Key Takeaways
Online identity theft is a process. Even more, it’s a crime that’s difficult to identify when it starts and difficult to track when it’s discovered. Therefore, the best method of protection is prevention. Take your online life seriously and don’t be stingy on passwords!