What is Identity Theft?
Top 5 Types & Examples
Identity theft is probably the last thing you’d want to worry about, but perhaps you should. Each year, millions of people around the world, many of them children and minors, have their identity stolen. The rise of the internet, the wide distribution of malicious software, and insufficient cybersecurity practices have all made identity theft very easy to accomplish.
Key takeaway: Identity theft is the purposeful use of another person’s identity for personal gain. Hackers can use malicious software, phishing emails, and data breaches to steal your personal information and get access to your bank account, Social Security benefits, or medical records. Read on to learn about the most common types of online identity theft and the ways to stay safe.
What Is Identity Theft?
Identity theft is the intentional use of somebody else’s identity for personal gain. If you’re a victim of identity theft, the perpetrator can use your name, your photographs, your personal documents, and other identifying information to commit a variety of acts for their own benefit. Depending on the type of information they obtain, the perpetrators can withdraw funds from your bank account, obtain credit and tax benefits, open utility accounts in your name, or steal your identity to commit other illegal acts.
While this may be difficult to pull off in the real world, online identity theft is one of the most common forms of cybercrime today. In recent years, hundreds of businesses around the world have experienced major security breaches where hackers have stolen their users’ personal data. The average cost of a single data breach for affected businesses is about $4 million in lost profits and recovery expenses, whereas the global economy is losing about $500 billion each year due to data breaches and cybercrime.
There are many ways how hackers can obtain your personal information. They can trick you into installing malicious software on your computer or send you phishing emails that contain links to infected websites and attachments with compromised installation files. More skilled hackers can use injection scripts to add extra fields to web forms on reputable websites like online banking portals. Unsuspecting users will enter their personal data unaware that it’s being sent to the hacker instead of their bank.
Once they obtain your personal information, hackers can use it for their own benefit or sell it to other cybercriminals for immediate financial gain. According to research, there is a booming market of personal information on the dark web, where stolen social security numbers are selling for $1, driver’s licenses for $20, diplomas for up to $400, medical records for $1,000, and passports for $2,000. Identity thieves can buy the information individually, in bulks according to the type of information, or in bundles.
What Types of Identity Theft Exist?
Based on their goal and the nature of the personal information that was stolen, there are several types of identity theft. Some of them are mostly relegated to the offline world, while some others are usually carried out online. The five most common types of online identity theft include the following:
- Financial Identity Theft
By far the most common type of online identity theft, financial identity theft occurs when cybercriminals steal your personal data to take control of your existing financial accounts or create new ones in your name. For example, hackers can utilize spyware or injection scripts to get your credit card number and use it to make unauthorized payments online. Similarly, they can obtain your online banking login data and withdraw funds from your account, either at once or gradually so that you don’t notice it as easily.
In addition to all this, identity thieves can also use your personal information to take out loans, credits, and other financial services they might not otherwise be eligible for. If they default on their loans or fail to make their credit payments, it will be noted on your financial record, thus hampering your own ability to take out loans and credits in the future.
- Medical Identity Theft
Considering that almost 40 million Americans don’t have health insurance, it shouldn’t come as a surprise that medical identity theft is very prevalent in the United States. This type of identity theft involves the use of other people’s information (usually their medical identification numbers) to access medical services and products. For example, if a hacker obtains your health insurance number, they can use it to see a doctor, file claims with your provider, or obtain prescription drugs – all in your name.
Medical records are fetching high prices on the black market, but the fact that others can use them to obtain services in your name isn’t the only threat. If your records contain any sensitive information that you’d rather keep private – from an HIV diagnosis to a plastic surgery – hackers could use it to blackmail you or damage your reputation.
- Social Security Identity Theft
Several major data breach cases that made the news in recent years involved a theft of millions of Social Security numbers from large online databases. After all, the Social Security number is perhaps one of the most important assets of US citizens that many institutions use for identification, as well as for taxation purposes. This means that the person who steals your Social Security number could use it to claim tax benefits or file a fraudulent tax refund in your name.
The main problem with Social Security numbers in the United States is that they contain no biometric information whatsoever. It is thus impossible to confirm that the person using a Social Security number is the actual person they claim to be without the use of some other document. Hackers and identity thieves are using this to their advantage and selling stolen Social Security numbers to illegal immigrants looking to find work in the United States, as well as criminals in need of a false identity.
- Synthetic Identity Theft
Synthetic identity theft is a fairly new and sophisticated form of identity fraud that owes a lot of its popularity to the increased availability of stolen information on the dark web. Rather than stealing a single person’s identity, fraudsters create a brand new identity for themselves combining a variety of stolen information. For example, they can use an unused Social Security number in combination with a name and date of birth that don’t match those associated with the number in question.
These types of frauds are usually very difficult to track because there’s no credit record associated with the stolen Social Security number. However, as soon as the fraudster applies for a credit card, a record is created, which they can then boost through a series of deceitful practices and techniques. This mainly targets financial institutions that issue loans based on little-to-no personal information, although the real people who share their name with the fraudster may sometimes run into trouble with the authorities.
- Child Identity Theft
Synthetic identity theft is closely connected to child identity theft, the act in which a person steals a minor’s identity and uses it for their own financial gain. That’s because children’s Social Security numbers usually have no information on them, which means that there’s also no credit record associated with them. This allows fraudsters to use a child’s identity to build credit scores, obtain personal documents, and buy and invest in properties.
This is one of the most common forms of identity theft in the United States, where more than a million victims of identity theft each year are children. The main reason why identity thieves opt for it is that it usually takes up to a decade before the victim even notices that someone else is using their Social Security number. This, in turn, gives criminals a lot of time to get personal gain before being discovered.
Examples of Identity Theft
Although no internet user is immune to online identity theft, hackers are primarily targeting major websites, services, and network. This allows them to collect personal data from thousands if not millions of users in one fell swoop rather than one user at a time. The majority of this information is obtained through data breaches. Here are some of the biggest data breaches in recent years that involved the theft of sensitive personal information:
- Between May and July 2017, hackers breached Equifax, one of the three major credit reporting agencies in the United States. During that time, the personal information of more than 143 million Americans was compromised, with at least a few hundred thousand identities stolen.
- In May 2015, hackers used the vulnerabilities in online software called “Get Transcript” to breach the Internal Revenue Service (IRS). The IRS developed this software to give taxpayers easy access to their credit history, but hackers used it to steal more than 700,000 Social Security numbers.
- In 2005, in what was the then-largest hacker attack in history, hackers have managed to access the servers of the credit-card-processing company CardSystems Solutions and steal the details of more than 40 million credit cards that the company was keeping unencrypted on its servers.
- For several weeks in December 2014, hackers have breached Anthem, one of the largest health insurance providers in the United States. During that time, they have managed to steal more than 78 million medical records that also included patients’ names and Social Security numbers.
How to Prevent Identity Theft
Hackers often use malicious software to gather personal information from users, which is why it’s important to keep your computer and your data safe. Make sure to use the best antivirus software that will provide real-time protection not only from viruses and worms but also from all types of malware.
Your online behavior also plays a part in your safety, so it’s important not to share your Social Security number or any other sensitive information on the internet. Only enter your credit card info on reputable shopping sites with the “https” prefix in the address bar and a lock icon next to it, both of which indicate that your connection is secure and that all the information you enter is encrypted. In addition to this, don’t open any links or attachments sent to you in suspicious emails or messages on social media.
Because malware exploits vulnerabilities in outdated versions of popular software, it is important to always run the latest versions of all the programs you regularly use. This includes your operating system, browser, media player, as well as your antivirus software. The best antivirus software automatically downloads security and definition updates, thus ensuring superior protection from all potential threats.
If you believe you may have been a victim of an identity thief, you should immediately report identity theft to the Federal Trade Commission. You can do it either via their website or by calling the toll-free phone number 1-877-IDTHEFT. Depending on the type of information you believe may have been stolen, you should also report it to your health insurance provider, the IRS, your credit reporting agency, and/or your bank.
- CBS News
- CNBC (1)
- CNBC (2)
- Digital Guardian
- Economic Times
- High Speed Training
- Mountain Alarm
- Nerd Wallet
Are you protected?
No one is immune to identity theft, but you can minimize the risk of having your data stolen by investing in your online security. Keep your personal information safe from hackers.