Using your personal data to impersonate your for some sort of financial gain is called an identity theft.
Identity theft is a crime, and it is illegal, and to what extent punishment is used, will depend on the country you live in.
The important question is what can be done if you suspect that someone is impersonating you?
What are the best identity theft protection measures you can adopt?
How does a Identity Theft occur?
In order for someone to steal your identity, they need information. And that does include your private information.
With today’s modern technology, there is a lot information that may be accessible about you through your computer, a smart phone, a tablet and online information – like social sites. As a result of this, a large number of privacy breaches can result in information theft, which can then lead to serious identity theft. Based on a ability to gather both information and identity a thief can target personal and private data like login credentials, credit card numbers, social security numbers, medicare numbers and similar.
Because of this, it is important not to share any additional info online if you can avoid it in any way. Most people are open and often too casual with their personal data. A experienced thief will spend a lot of time observing a potential victim, and learning about them – typically from social media.
Over some time, a thief will create a profile, learn the way the person thinks, find out what they like, who they spend time with, and other personal info. With all that in their possession, they might even guess your password and similar details.
Another common method of data mining uses malicious software that is downloaded and installed by you accidentally from either a compromised website or it is left as a (malicious) packages on a random, relatively busy website.
Spear Phishing is a targeted attack against a specific person. This could be aimed at a person within a business network.
Spear phishing attackers spend a lot of time to obtain as much personal information about a target victim as possible to create emails that look legitimate and to not raise suspicion. Because of the more personal level of such attack emails, it is more difficult to identify spear phishing attacks over the more generic phishing attacks (less personal effort involved in the content).
In this type of attack the hacker will take advantage of masquerading as someone who you would trust, such as a your employer, bank or a regular service.
When you open the phishing attack email, it will launch malware which activate itself, establish a connection to the hacker, and them feed them selected personal data from your device. This activity will happen as a background process, so at that point you are unlikely to that something strange is going on.
Tips to avoid Spear Phishing attacks
- Be cautious with what personal information you post on the internet via your social profiles. Check your social profile privacy settings to limit what others (particularly the general public) can see. Facebook has a Privacy Checkup option. Click on the padlock icon at the top of your Facebook Profile page then select Privacy Checkup. See this link.
- Use smart passwords; An example of a secure but user-friendly password might be a concatenation of four common but randomly chosen words—something like this “usingwoodensuccessfuldesigns“. At 28 characters, it is both secure and easier to rember than say a gibberish password such as “0s!7G0*7jx$a” (12 characters), but so much easier to remember. Strings of words like this series are extremely hard for attackers to guess, and provide excellent security.
- Check for updates for your software and operating system.
- Use great caution before clicking links in emails!
Then, with so many old computers and hard drives lying about somewhere, there is a chance that a someone may be motivated to extract data from them. This is why I always hand a old hard drive back to clients and ask them to destroy it or store it somewhere safe. Other identity gathering methods include stealing personal and business documents, ‘shoulder-surfing‘, which means that someone is watching while you enter personal credentials, and for a reasonable cost buying your stolen credentials on the dark web.
When you consider that most users use only a few simple passwords, it is to be expected that one compromised password (easily cracked) will affect numerous services that a particular user may utilise. As such, there are people making a living selling such ill-gotten credentials.
There are other ways of gathering such information, but these are the main ones that you will be most aware of.
Protecting Your Identity From Getting Stolen
Knowing what to do in case of an identity theft is good, but preventing the identity theft is much better. Identity thefts are possible because of the chance of an information theft on you. Basically, it is very hard to steal your identity if there is not much public information publicly available about you.
Obviously, we to find a way to prevent them from getting access to your personal or business information about you. This includes the protection of all of your devices that have your data on them. So, desktops, laptops, smartphones, tablets, even smart watches. You need to protect all of those devices as they very likely have sensitive personal data about you.
Check your software
Always do a extensive background check for every new app or software program that you download. You may not in time whether or not the app or program might start spying on you and gathering information covertly. It is very important to update your software on regular basis. This is especially important for security software.
If Your Identity Is Stolen In Australia
If you have a issue with identity theft, first go to the police and report the issue. Ask for a copy of a report so that you could deal with potential consequences of the theft as well. Also, proceed to report your situation to the Australia Cyber Cyber Security Centre.
There’s also a IDCARE which is an Australia and New Zealand national identity & cyber support service. You can send a support request to them as well. IDCARE offer support within New Zealand, as well as Australia. Any further advice that you will need on how to deal with the situation can come from your contact with them.
You should contact any banks, PayPal, credit card companies, government agencies, insurance firms, etc that may be effected by this identity crime. Replace any cards linked to your financial institutions and where applicable close accounts you no longer use.
You are advised to get a credit report from one (or all) of the following credit reporting agencies such as:
Tasmanian Collection Service
Dun and Bradstreet
Place your request of your fraud alert to each of these agencies, so that the security action can be dealt with rapidly (damage control).
Do contact various businesses that the thief may access to and explain the situation. Also, make sure that your recorded address is still the same and valid.
A Certificate for victims of Commonwealth identity crime is also something that you can get, but it is not always necessary if you have a police report.
Who can I contact for more information?
Further information about new methods of identity crime and emerging scams can be found at SCAMWatch – a website run by the Australian Competition and Consumer Commission.
If you believe a crime has been committed you should report the scam to the Australian Cybercrime Online Reporting Network (ACORN) site.
Reports made to the ACORN may be referred to police for consideration and possible investigation.
You can also visit the Home Affairs website here for more about securing your identity.
How to check if someone Is using Your Identity?
In most cases, you may not see the consequences until it is too late.
By that time, the damage is done, and the thief has moved on. Or worse,
nearby, and waiting for things to calm down again.
However, there are often some indications that not everything is as it should be, and this is what you need to monitor regularly. For example, you might notice unexpected credit card charges, when you know that you did not buy any of the mentioned goods.
You may receive a call about some suspicious activity, something that does not match your regular behavior patterns. Fraud control departments tend to watch out for things like that, and they might want to check with you that the unusual activity is actually coming from you.
Sometimes you may even receive a new credit card, one that you did not even apply for. Next, you might notice that your money is missing, or less than it was. Or you might notice that some of your regular mail is not arriving to you.
You may even get an unexpected court summons, or a fine sent in your mail. There may be strange bills arrive that that do not apply to you, or there may be a account due for some services that you never used.
Keeping regular track of these activities is very important in our modern technical world. You need be always alert for something like this, and watch out for these signs. If you are busy and can afford to pay for someone else trustworthy to offer trusted protection on your behalf there are several Australian services that can monitor your accounts, Secure Sentinel is one them with a typical fee of $132.95 per year for personal protection or $197.95 per year for a household protection.
For a small fee, these services will keep track on your accounts activities, and alert you to any unusual occurrences. Anything that might seem suspicious or out of character will be recorded and reported to you.
By using this secure identity monitoring, you can ensure that you are will not be caught off-guard by any cyber crime with the identity thieves. It can mean a lot if you are able to discover such problems as soon as they happen. Otherwise, the event may go unnoticed long enough to find it is too late to do anything about the crime.
These are the things that might bring ruin into your life if you do not monitor them regularly, or hire a reputable service to do it for you.
Recent Identity Crime costs in Australia
Recent estimates by the Australian Attorney-General’s Department indicate that identity crime costs Australia upwards of $1.6 billion each year, with the majority (around $900m) lost by individuals through credit card fraud, identity theft and various scams.
More alarmingly, in Australia, identity crime continues to be a key enabler of serious and organised crime, which in turn costs Australia around $15 billion annually.
The common ways Identity Crime can occur
- Theft of mail articles
- Theft of wallets, bags and purses
- Malicious computer programs such as malware or spyware
- Skimming of credit and debit cards via ATMs or EFTPOS terminals
- Internet scams including phishing emails or spoofing sites designed to replicate banking and payment site
- Remote access scams giving access to a computer
- Hacking of websites or business servers containing personal information databases
- Fake online social media profiles
- Telemarketing (cold call) scams
Losing your identity to cyber crime can lead to a variety of problems. Worst case, you could lose your home, money, and everything you own if someone manages to steal your full identity and you were not laerted in time.
Identity theft is a traumatic experience, and if anything like this ever happens to you, you must know what to do.
From this post, you can see that the most important thing to do is to contact the Australian authorities listed above. After that, there is the need to cancel your various financial (credit and other) cards and alert other concerned services and accounts of the identity crime.
By doing reporting the problem as soon as possible, you reduce the chances of major damage and increase the chance of catching the thief. File as many reports as you can and certainly discuss all the case events with your banks, as they have some means to recover funds if it the problem is reported in time.