In the vast expanse of the digital world, where we navigate through social media platforms with multiple identities, we often switch between various personas - a hidden sanctuary for friends and family, an artistic portfolio for public display, and perhaps, an anonymous alter ego for…you know why. You never get to know who is the person behind the username!
Imagine this from a more formal, legal side of things. What if people steal your bank account details? Make transactions in your name, claim insurance benefits in your name and worst- commit crimes on your behalf!
This is termed as ‘identity theft’.
Identity theft is a crime in which an attacker uses fraud or deception to obtain personal or sensitive information from a victim and misuses it to act in the victim's name.
How exactly do they operate?
Identity theives take over your identity. This means, they gather data about you, to act like you and misuse it against you. This happens both online and offline.
In the old school-offline way, thieves take charge of lost or stolen documents like your Aadhar card, and PAN card; skim through trash, looking for discarded documents with personal information or use devices to steal credit or debit card information during transactions at ATMs and shops.
However, in today's digital age, the scope of these crimes has increased tremendously. The anonymity provided by the Internet allows miscreants to operate in secrecy, making identity theft all the more easier.
In this blog, we shall explore how identity theft is executed online and learn steps to protect ourselves from this.
Let's see it in action.
If this is available on the open internet, for anonymous social media like Reddit, imagine what level of sophistication the suspicious malware that tracks credit card information would have? How easy would it be to act 'like you'?
How do they gather your identity?
1. Social Media
What is your Instagram bio? Let's guess: Your alma matter? Your age or date of birth? The city you are from?
Let's say you have grown out of this era. What about your LinkedIn?
Social media platforms, while connecting people, also serve as a goldmine of personal information for identity thieves. They harvest this wealth of information to craft convincing phishing schemes and launch targeted attacks.
2.Online Shopping Sites
When you shop online, you give your delivery address, email ID, and phone number and even store your card details for “faster checkouts”. This plethora of sensitive data makes these sites lucrative targets. Spyware, malware, and its variants like adware and keyloggers, are some of the most common tools used by cybercriminals to collect this data.
3.Data Breaches
On a large scale, they fetch data by breaking into insurance, hospital, government, and other databases to steal the personal information of thousands.
Hence, no matter how anonymous and secure you think you are online, cybercriminals can swiftly piece together information from various platforms to track you down with alarming ease.
Most Commonly:
- They pose as your relatives from abroad, make calls to your family asking for money.
- Call up your Sim service provider, give your identity documents as proof, and ask them to change numbers. All your bank transactions then go unmonitored- they receive your OTPs and eventually drain your account.
- When your own mutuals want to malign your name- they create accounts on your behalf and pose as you to defame something / somebody.
Let's look at some identity theft cases that have happened:
- In 2012, 19-year-old Luis Flores Jr. impersonated Kim Kardashian to American Express, aiming to change her SSN and address for new cards. Detected by the credit card company, Flores and his mother were reported to the Secret Service. Further investigation unveiled a flash drive containing personal data of high-profile figures like Bill Gates and Michelle Obama. They engaged in fraudulent activities, including ordering replacement cards and transferring funds from victims' accounts after altering their information.
- In 2022, several Indians were affected by unexplained loans appearing in their credit histories, despite never having borrowed money from Indiabulls-owned Dhani Loans and Services. It was reported that fraudsters utilized individuals' permanent account number (PAN) details to obtain instant loans through the Dhani app. Some individuals received show-cause notices from collection agents for loans they did not take, while some experienced negative impacts on their credit scores due to loans falsely listed as defaults on their credit reports.
- John Podesta fell for a classic email phishing scam while he was the chairman of Hilary Clinton’s presidential campaign in 2016. Russian hackers posed as Google and emailed Podesta to change his password due to an “unusual activity.” However, the link redirected to a malicious website where the hackers accessed his email account. Once they broke in, the hackers released thousands of secret and reputation-damaging emails.
How to protect yourself?
- Use strong, unique passwords for each account.
- Monitor Your Accounts Regularly: Keep a close eye on your bank statements, credit card transactions, and credit reports for any suspicious activity.
- Be Cautious with Personal Information: Avoid sharing sensitive information, such as your Aadhar number or financial details, unless necessary. Keep a track of whom you share information with, and why.
- Be alert of phishing and spoofing: Stay cautious of emails, texts, or calls asking for personal information or urgent action, especially if they seem suspicious or come from unknown sources.
- Protect Your Social Media Accounts: Review your privacy settings on social media platforms. Be mindful of the information you share publicly. Do not share any uniquely recognizable information.
- Shred Sensitive Documents: Dispose of paper documents containing personal information securely by shredding them before throwing them away.
Conclusion:
0 Comments