How to protect your identity online
Identity theft is a growing type of fraud where somebody uses your personal information for their own gain.
Recent estimates by the Attorney-General’s Department indicate that identity crime costs Australia upwards of $1.6 billion each year. The majority is lost by individuals through credit card fraud, identity theft and scams. (Source AFP)
Identity theft is largely done for financial gain, i.e. a criminal steals your credit card details, hacks into your bank account or applies for a loan in your name. There have even been cases when criminals have conducted entire business operations in another person’s name.
Once a criminal has the information they need about you, they could:
Apply for a credit card, or bank account in your name
Run up debts in your name
Apply for a driving licence in your name
Register a vehicle (or stolen vehicle for that matter) in your name
Apply for a passport in your name
Apply for a mobile phone contract in your name
Silently hijacks your personal or business email accounts (often to hijack financial payments or other sensitive information)
Sell your data on the black market to other criminals, via the Dark Web
In this quick guide, you’ll learn about the top ways your identity could be stolen and how you can protect yourself in online world…
How can your identity be stolen?
There are a number of methods criminals use to steal personal information:
Sifting (Digital/Physical)
Do you delete or destroy your bills and financial statements? Scammers sometimes go through your physical rubbish or email accounts to find the information they need to steal your identity.
Phishing scams
Hackers use more elaborate social engineering schemes and deceptions to trick you into handing over your personal or banking information. Phishing scams are often carried out by email or SMS. They can be made to look like your bank or telecommunications provider, and some are quite convincing.
Social media
Have you ever stopped to think about how much of your personal information is online? Through sites like Facebook and Linkedin, scammers can track down information like where you work, when you were born, and your family details.
Malware
Malware and spyware can also install itself on your computer and steal your details.
Warning signs:
Warning signs that you may already be a victim of identity theft:
Important documents such as your passport or driving licence have been stolen
Items have appeared on your credit card statements that you don’t recognise
You start receiving suspicious emails requesting information such as banking details, account information or identity confirmation
You applied for a government benefit but are told that you are already claiming
You have been refused a financial service, such as a credit card or a loan, despite having a good credit history
A mobile phone contract has been set up in your name without your knowledge
You have received letters for debts that aren’t yours
What about your credit score?
If a hacker uses your ID to take out a credit card or other unauthorised transaction, it can affect your credit score, which affects your ability to obtain future credit such as a loan.
To keep tabs on your credit activity. You can track your score for free, and set up alerts to notify you of any changes with Equifax.
How to protect yourself:
• Check your privacy settings
Check your privacy and security settings on your social media sites — mainly Linkedin, Facebook and Instagram. Use the most secure privacy settings, take extreme care when placing personal details such as date of birth, address, phone contacts or educational details on your profile. Don’t accept unsolicited friend requests or connections.
• Secure your credentials
The personal information you make public on your social media profile is often used by scammers to guess your passwords. Therefore, use strong and unique passwords for each online account. Don’t use the same password for multiple accounts, especially your email. The easiest way to create, manage and monitor all your passwords is through a password management app. We recommend LastPass.
• Don’t talk to strangers
We say it to the kids, but how often do we interact with unknown characters online or over the phone? The bottom line: never accept a request to connect from a stranger online. The best way to keep a scammer out of your life is to never let them in! Be alert for shadow profiles (fake copies) of your colleagues or friends on social media.
• Avoid public and open connections
When on a public computer, avoid using websites with your personal information, such as logging into your banking or email accounts. If you do use a hotspot, are travelling overseas or in a public airport, we recommend using a VPN like ExpressVPN to secure your connection.
• Clean up your attachments
Your email is often a place where you share confidential information with other trusted parties. For example: Sharing your tax return, or passport photo with an accountant or institution. Over time, it can be easy to forget what’s still attached to our accounts. If a hacker stole your email today, what could they obtain? Using the search function, do a quick audit of all your inboxes. Consider permanently deleting old sensitive information and attachments.
What to do if you’re identity has been stolen:
If you suspect any fraudulent use of your identity, ShadowSafe recommends the following steps:
Immediately report it to the relevant parties, i.e the business that was affected, your credit card provider, bank, telco, local police.
Lodge a report with the Australian Cyber Security Centre’s ReportCyber.
Change your passwords on your important accounts and close any accounts that you don’t need or suspect have been breached.
If it involves financial credit, request a credit report update from your credit check provider or choice. Or download a free credit score app to notify you of changes.
If you’re a ShadowSafe client — notify our team immediately.
Need help securing your identity online? Or do you run a business and want to keep your systems and data secure? Talk to our Brisbane-based cyber team today.
