News Old

Identity theft is when your personal details are stolen and to be used in illicit dealings such as accessing your funds, applying for credit in your name and ordering goods online using your card details.

Going through your rubbish, known as “dumpster diving” is old hat because these days criminals don’t have to get their hands dirty to steal your personal data. With a few confidence-trickster techniques they use the internet to commit card-not-present fraud. Worse still, they can empty your bank account in seconds.

Identity theft explained

This is the use of someone else’s identity to procure services or goods by deception. You might only realise that your identity has been stolen for the first time when you start receiving letters from debt collectors for debts you didn’t incur. Hopefully, you receive a bill or invoice first for something you haven’t ordered, so that it doesn’t reach the bailiff stage.

What cybercriminals can do

Once they have access to your personal details such as full name, address, NI number and, in some cases, your passwords they can:

• open a bank account in your name
• apply for credit card
• take out pay-day loans
• put in for state benefits loans
• order goods online using your name and money
• take over your existing accounts
• take out a mobile phone contract
• procure hard copy documents such as a passport and driving licence

How to avoid online identity theft

There are some easy steps to take to protect yourself against identity fraud:

• Never give your full password, login details or bank account numbers if you receive an unsolicited phone call or email that claims to be your bank. Banks never ask for PIN numbers or a whole security number or password via an email or call.
• Your online passwords should be strong and try not to use the same one for every online facility you use.
• Invest in a password manager. For a relatively small annual fee you can get security alerts to all your devices, secure your passwords, which only you can access and have passwords generated for you.
• Protect the devices you use for the internet with current security software and ensure that you install all the updates and security fixes on your devices such as your computer, tablet or telephone.
• Don’t throw away anything that has your name and address on it and don’t leave your paper bank statements lying around. With this information, the fraudster can go online and apply for loans in your name.
• Buy a shredder. Once you have finished with the relevant paperwork, shred it before disposing of it.
• Tell your bank you want to go paperless and have your banks statements sent online. Remember to create a strong password that only you know to access the statements.
• If you still want to receive your bank and credit card statements in paper form and they don’t arrive, tell your bank or credit card company immediately.
• On social media sites don’t accept invitations from strangers and check that your profiles are private so that you are only sharing your information with people you know.
• Don’t upload photos of your car showing your registration number. Cyber crooks can use this to get your full name and address from DVLA records.

Personal identity theft is viewed as a serious offence and if you are victim to this, you should waste no time in reporting it to the relevant authorities.

This type of theft is when a fraudster, often online offenders nowadays, obtains your personal identity and financial information to make unauthorised transactions on purchases and to remotely remove money from your bank accounts.

If you are a victim of this type of crime you can be left with a damage to your credit and finances. So that cybercriminals don’t target any more unsuspecting victims, waste no time in reporting it.

There are various ways to take action if you know or even suspect private data relating to your identity has been accessed by an unknown source.

Document it

If you suspect that your personal details are being compromised, then document it, including the date it happened and where you think a fraudulent transaction has taken place. If you receive a bill, online or through the post, for a credit card that you don’t own, don’t discard this vital piece of evidence.

Keep track

Not all of us keep a regular check on all our debit and credit card transactions, which makes it easy for personal identity theft to take place. It only takes a few minutes of your day to check that all the transactions that appear on your bank or financial institution cards have been made by you.

Use the fraud line

If you are absolutely sure that fraud has been committed on your account, it is time to act. All banks have a fraud line, and these are open 24 hours a day. This is a good number to save in your contacts even if you haven’t experience fraud on your account. Making it easily accessible is going to relieve the stress when your personal identity details have been compromised.

Freeze it

Once you have contacted your bank to report the fraud, they will freeze the account. There are those of us who dread this procedure because we think we won’t have access to funds. You shouldn’t worry, because banks, especially a bank that has your current account, will provide emergency funds until they are able to unfreeze your account. Your card will be stopped too, and you might have to wait a few days for a new one, although some banks like Barclays and Metro issue new cards at their branches, which you can collect on the same day.

Call 101

If your ID has been stolen, you should contact not only your bank or credit card company, you should report it to your local police on the non-emergency number 101. They will give you a case number, which you can use if you have to make an insurance claim.

Tell Experian

This credit reporting agency has a Victim of Fraud support team to help customers clear up their credit reports once they have been subjected to personal identity fraud .They will help with your dispute on fraudulent information and deal with the lenders direct. Once your information has been confirmed as fraudulent then the lender will remove you from the report.

Falling victim to a “hack attack” is a real danger for those of us who rely heavily on our devices – from smartphones to PCs.

Hacking is a term most of us are all too familiar with, but would we be able to recognise the signs that our devices have been hacked?

If you suspect you are a victim of hacking meaning that your personal identity and finances are in imminent danger, then you will need to know what to look out for.

Hacker isn’t backward coming forward

Some hackers don’t hide behind their virtual screens and will contact you with the bad news that you are their stooge. This could come in the form of an email, through a direct message or via ransomware. The perpetrator can even go as far as providing you with evidence that they have your personal identity in their hands. You will then be expected to pay some sort of ransom, very often in the form of cryptocurrency that is hard to track.

This method is often a ruse, so don’t be fooled at first glance. It could be that they had access to a previous password of yours and provide this as evidence that they can compromise your device.

In for the Kill

If it is for real, then the hacker is likely to go straight for the kill and encrypt your system, holding you ransom until you pay up for them to reverse their dastardly deed. Don’t comply to their demands, as by doing this you will be enabling them to keep you on a string.

Change your password, develop a two-factor authentication, where possible and change all other accounts activated by the same password. Report this internet intimidation to the service provider of the site and log the incident on the police’s Action Fraud website.

So, log into the account in question, change the password and activate two-factor authentication if possible. Also, if any other accounts are using the password you’ve been threatened with, change them immediately. Then forget all about it. Also, never ever give money to these people, it will do nothing to help you and only embolden them.

Log in failure

This is one of the most obvious signs you have been hacked when the procedure you use for accesses an account isn’t working. Don’t abandon the log in on your first attempt and power down your device before trying again.
If this doesn’t work, then you should request a password reset and change it if you can. Once again, activate the two-factor authentication if you can. This gives you a one-off code sent to your email or phone every time you need to access the account.

An email account hack means that you will not be able to access your emails on any of your devices. Hopefully, you have set up backup recovery options such as a secondary email. If not, you need to contact the service provider immediately so that they can suspend your account before verifying your identity.

Malware is a new word created by the tech industry, which describe a certain class of malicious applications that play havoc with our computer systems and mobile devices.

Similar to spyware or adware, malware is a particular type of tool used by cybercriminals to gain access to your computer to make it perform a function that is often aimed at stealing your personal identity.

Protecting our devices and sensitive information against malware attacks is a complex procedure. Going back twenty years, the computer literate could follow pretty simple instructions to delete bots and remove viruses from sub-folders. This has just made the cybercriminals to step up a gear to make advanced malware tools that are becoming harder and harder to detect.

Malware is now designed to hide in seemingly innocent directory folders where they set about creating their own web portals that can devastate your system and even reproduce your data stored in the cloud.

Malware is designed to spread

These viruses will make your PC automatically run through the instructions giving it access to other computers via a network or by attaching to a shared file. Once the infection has set in these file can be corrupted and even erased.

Malware can also attach itself to a device’s processing system much like a parasite.

Browser hijacking malware

These malicious viruses affect the programmes used to access web pages. You can experience browser hijacking in a number of ways:

• You notice your default home page has changed
• Your default search engine has changed without you instructing it to. If your default is Chrome, for example, and suddenly you are redirected to Ask Jeeves, then it is likely that your browser has been burgled.
• There is a sudden appearance of pop-ups
• There is a redirection to web sites unknown to you
• The loading of website pages becomes slower

Adware

The sudden arrival of various kinds of adverts in the form of alerts or pop ups is from the malware family and known as adware. By clicking on these you could be tricked into downloading unwanted programmes or be unaware of the fact that you are bookmarking this or saving it to your favourites.

This type of malware is used to prompt your web browser to display adverts not posted to websites you visit. If your computer has been attacked by malware of this sort. You will be plagued with unwanted pop-ups and alerts whenever you access any website. These will have nothing to do with the subject matter of the site. Adware is not as bad as spyware, but it is still not an ethical practice.

Spyware

Spyware is used to monitor and track your computer activity. Once a pattern has been ascertained your personal information, along with thousand of others, will be sold as a batch of IP address traffic or browser history. Beware, because not only will your files be compromised, images and even webcams can be accessed.

Malicious files

These usually arrive in via your in-box in the form of emails that encourage you to open them. Cyber crooks will lure you in with red flag warnings such as telling you your computer is at risk or emotional, seemingly personal subject matter such as “I am sorry, can you forgive me?”. Opening these can lead to the perpetrators taking over your device.

While the UK struggles to make progress towards the digital transformation many experts say it needs to ensure a secure, prosperous future for its citizens, other countries around the world are proving more decisive. Adoption of “foreign” technology, as well as concerns over civil rights and liberties, have been cited as possible obstacles to progress in this area among different groups within the British polity.

Perhaps for reasons of culture and history, some nation states adapt to and adopt change more quickly than others. As a recent international conference has shown, in the field of online digital identity verification, four countries in particular are making great strides in embracing this technology; to the benefit, as their leaders see it, of their states, businesses and citizens.

International cooperation during the pandemic

October 2020 saw a Global Government Forum on digital ID. This was, of course, a webinar; apart from other logistics involved in organizing such a forum in person, the global Covid 19 pandemic made any possibility of this redundant. Nevertheless, the forum went ahead. It was a meeting between an IT provider and leading civil servants from the governments of Germany, Norway, Estonia and Singapore.

If this collection of countries seems rather unlikely, that is not surprising. The first three territories lie in northern Europe, the fourth in south east Asia. Germany is the world’s fourth richest country, Estonia the 21st. Norway has a population density of 15 people per square kilometre, Singapore 8,358. There are many other factors which divide this collection of nations and economies, but one which unites them; E-Government.

In fact, Estonia ranks in the top three of the UN’s E-Government survey. It, along with other countries including Singapore, is showing the way forward in incorporating digital transformation as a mainstream national economic strategy, post-pandemic and into the 21st century. Crucial to these strategies is the adoption of online digital ID verification.

Relative ease of implementation

Estonia and Singapore have advantages over other countries in terms of implementing national digital ID systems. In Estonia, for example, the collapse of the Soviet Union and the Eastern Bloc in the early 1990s meant that the national government was able to start from scratch in many ways. One of these was in using technology to develop the country’s economy as quickly as possible.

Singapore, meanwhile, is defined by its island geography, and is a self-contained nation state. With tight control over its borders, who is allowed to cross them, why and when, the establishment of a digital national ID system presents far fewer problems than in many nation states. Singapore is also a leading financial services provider, and an IT innovator in its own right.

Success stories

Both Estonia and Singapore have used digital ID as a means of making their citizens’ lives easier, government more efficient, and businesses more profitable. For its part, Norway is looking to streamline a national digital ID scheme with its banking system; this has already seen a 92% adoption rate among its citizens. The German government, meanwhile, is hurrying to adopt digital ID before businesses within its own borders do just that, at a huge profit.

Identity theft is the crime of obtaining the personal or financial information of another person to use their identity to commit fraud, such as making unauthorized transactions or purchases. Identity theft is committed in many different ways and the end result is that victims are typically left with damage to their credit, finances, and reputation.

Identity theft occurs when someone steals your personal information and credentials to commit fraud.

There are various forms of identity theft, but the most common is financial.

Identity theft protection is a growing industry that keeps track of people’s credit reports, financial activity, and Social Security number use.

Understanding Identity Theft

Identity theft occurs when someone steals your personal information—such as your Social Security number, bank account number, and credit card information. Identity theft is committed in many different ways. Some identity thieves sift through trash bins looking for bank account and credit card statements. Other more high-tech methods involve accessing corporate databases to steal lists of customer information. Once they have the information they are looking for, identity thieves can ruin a person’s credit rating and the standing of other personal information.

Identity thieves increasingly use computer technology to obtain other people’s personal information for identity fraud. To find such information, they may search the hard drives of stolen or discarded computers; hack into computers or computer networks; access computer-based public records; use information gathering malware to infect computers; browse social networking sites; or use deceptive emails or text messages.

Victims of identity theft often do not know their identity has been stolen until they begin receiving calls from creditors or are turned down for a loan because of a bad credit score.

Types of Identity Theft

There are several types of identity theft including:

Financial Identity Theft

In financial identity theft, someone uses another person’s identity or information to obtain credit, goods, services, or benefits. This is the most common form of identity theft.

Social Security Identity Theft

If identity thieves get a hold of your Social Security number they can use it to apply for credit cards and loans and then not pay outstanding balances. Fraudsters can also use your number to receive medical, disability, and other benefits.

Medical Identity Theft

In medical identity theft, someone poses as another person to obtain free medical care.

Synthetic Identity Theft

Synthetic identity theft is a type of fraud in which a criminal combines real (usually stolen) and fake information to create a new identity, which is used to open fraudulent accounts and make fraudulent purchases. Synthetic identity theft allows the criminal to steal money from any credit card companies or lenders who extend credit based on the fake identity.

Child Identity Theft

In child identity theft, someone uses a child’s identity for various forms of personal gain. This is common, as children typically do not have information associated with them that could pose obstacles for the perpetrator, who may use the child’s name and Social Security number to obtain a residence, find employment, obtain loans or avoid arrest on outstanding warrants. Often, the victim is a family member, child of a friend or someone else close to the perpetrator. Some people even steal the personal information of deceased loves ones.

Tax Identity Theft

Tax identity theft occurs when someone uses your personal information, including your Social Security number, to file a bogus state or federal tax return in your name and collect a refund.

Criminal Identity Theft

In criminal identity theft, a criminal poses as another person during arrest to try to avoid a summons, prevent the discovery of a warrant issued in their real name, or avoid an arrest or conviction record.

The unprecedented events of 2020 have led to a number of developments in the United Kingdom, many of which will be with its citizens for years to come. Social distancing, remote working and self isolation have highlighted some of the benefits of digital transformation for individuals, businesses and the state. However, it is fair to say that the issue of technology and how people use it – and vice versa – is proving to be a thorny subject for the UK’s government.

For those who see online ID and documentation checking as a positive way forward for modern societies, some of the developing situations in Britain will make for disturbing reading. How successfully the government manages the digital economy and society in the coming months could be pivotal for many reasons.

IT’s high profile during lockdown

From the implementation of a national lockdown in the UK in March of 2020, the role of IT, the internet and telecommunications assumed an even greater significance than it had held already. With the closure of educational establishments, in particular, remote learning became the only way most students could receive any teaching. On top of this, the UK’s population were told to work from home wherever possible.

Zoom made its debut into the lives of millions of Britons. From parliament to virtual family get-togethers, this proprietorial piece of software and its boxes became a fixture of national life. As such, Zoom represented a positive contribution which IT could make to normal people’s lives.

At the same time, however, other promised IT-based developments had the opposite effect. In particular, the failure to initiate any kind of track and trace system, as successfully adopted early in other countries, became something of an issue. When the government then held a failed trial on the Isle of Wight, this blow to confidence in IT was compounded.

Concerns over data use

Whatever the perceived merits of IT among the British public, its merits are being promoted by the government. There have been announcements in the press about a desire to introduce a UK-wide digital identity system, to help both during and after the pandemic. With such a system, for example, it is argued that owners of pubs and restaurants will be able to instantly verify a customer’s age.

Civil liberties groups, however, are far from convinced that a national digital ID scheme is either desirable or practicable. They cite examples of abuses both in the UK and abroad. In 2019, the UK government was forced to apologize to EU citizens and its own Windrush subjects for data breaches. Elsewhere, a breach in India in 2018 led to the details of many millions of its citizens being leaked via an insecure ID card.

Careful management needed

There are many examples from across the world where secure, online digital ID verification makes a huge contribution to society and economies. This situation should be possible in the UK going forward, as the country has both the expertise and resources either in place or within reach. How the government negotiates its way through the end of lockdown restrictions and into a “new normal” could define how – or if – the UK is able to harness this technology.

Personal identity theft will almost certainly have a negative effect on your finances, but the other consequence from this criminal act is the impact it has on your mental health.

Online racketeering can leave you penniless, have you falsely arrested because of criminal identity theft or have bailiffs hammering on your door demanding payment for a loan taken out in your name.

As a result of this financial blow comes an impact on your mental health, an aspect of cybercrime which is often overlooked.

Financial

Financial complications caused by personal identity theft can last for months. If the cybercriminal has gained access to your personal details and has emptied your bank account, there is a chance your institution will not reimburse you.

So, never:

• provide your bank details to a caller or in an email from someone claiming to be from your bank or the police. If you willingly provide these details, your bank is unlikely to reimburse you.
• give a stranger your password or security codes to your accounts

And always:

• report any suspicious activity on your account to your bank’s fraud team
• freeze your account by calling the bank immediately once you realise your card has been stolen
• call your mobile phone provider and block your phone immediately if it has been stolen.

A sound credit rating is important to all of us and if the thief has taken out loans in your name then it might take months to restore your good credit. This could have a huge financial impact on those of us who are planning to apply for a mortgage or need to take out a loan ourselves due to unforeseen circumstances.

Emotional

Financial loss is one thing, but with personal identity theft often comes an emotional consequence that can take years to overcome.

Cybercrime victims are almost always traumatised to some degree when not only have they been robbed, but a myriad of emotions ranging from annoyance and anger to depression and guilt.

The emotional impact on the victim depends on the level of cybercrime. Some people might feel initial shock or annoyance, followed by anger, while others take the invasion of privacy far more seriously and experience anxiety and depression.

Guilt is a common emotion following many a cyberattack. If the victim was duped into providing personal information that led to the crime, they will feel that they should have known better. If the crime has a financial impact not only on the invidual, but a family or an organisation, the victim will experience all the more guilt.

If personal slurs have been put about on social media under your name, then this type of personal identity theft can have a devastating effect on your mental health. This type of acrimonious activity could be aimed at ruining your reputation and clearing your name is going to take time.

If you are a victim of a cybercrime of any sort the UK’s Cyber Helpline can offer a range of advise and support to help you through your dilemma.

From breaking into our bank accounts to bypassing our passwords, we are becoming increasingly familiar with the unpleasant effects of identity theft.

In the USA alone, losses of about $1 billion are registered every year relating to identity theft.

There are ways of keeping on top of your personal online security and it is important to keep up to date with the latest in cybercrime.

Enticing offers

Think twice about clicking on an advertisement pop-up or even filling out a form without reading the terms and conditions carefully. Even normal browsing activities like clicking on an enticing ad or filling out a form for downloadable content can lead to online identity theft when users don’t know what to look for. Keyloggers can be overlaid on seemingly legitimate banking or investment apps and intrusive tracking procedures can be signed off on by users who fail to read terms and conditions notices carefully.

Downloading files

Check that the site you are downloading from is secure before downloading any files. The main files to avoid are ones with extensions ending in exe, scr, bat, com or pif. Double extensions such as a file ending in exe.gif are dangerous too, so don’t download a file ending in either of these.

You can also validate a file’s digital signature by clicking on the publisher link in the security dialogue box when you first download a file.

Clicking on pop-ups

Pop-ups are small windows that appear over the top of web pages in your internet browser and although not all are bad, some can be devastating, delving into your data and wreaking havoc with your personal details.

Pop-ups that are up to no good often include a button that prompts you to close or cancel it, but this doesn’t mean it is going to dismiss the pop-up. Instead, it could trigger another pop-up or even download a virus. Most of us have the facility to block pop-ups on our computers and we should check that this is in place if we keep getting pesky and suspicious alerts.

Some don’t come from websites but from malware or a Trojan Horse that has been secretly installed on our systems. If you discover this and you use the computer for banking and online shopping, then change all your passwords immediately and have the computer thoroughly cleaned by using good security software.

Opening email attachments

Email attachments can carry potential dangers, especially if the email that arrives in your inbox is one you don’t recognise. Don’t be tricked into opening up an attachment even if it is marked “urgent”. In the click of a button your personal online identity could be compromised.

Using information taken from an initial email, cybercriminals can combine seemingly innocent pieces of data like an IP address and the software version you are using to send a more convincing email in the hopes that it’ll grab your attention. This is known as bait mail.

Your spam mail monitor should be reducing the risk of you opening a phishing email, but if by chance one escapes the net and lands in your box, then don’t open it or any of the attachments that come with it.