Over 15 million people are victims of identity theft annually, many of whom fall into the less tech savvy 50 and over age group. Moreover, identity theft is very hard to prevent because so much of our personal data resides outside of our control.
Robert Brown, CEO of DRS, a Cognosec company, says there are two main types of identity theft: identity takeover, and account takeover. “The latter is the most common. These instances see fraudulent use of a victim’s existing, open account. An example would be a hacker stealing your online banking logins, and transferring money out of your account. Another instance would be a thief using your credit card details to spend online.”
He says identity theft is a bit more complex, and happens when a crook opens accounts in your name using your ID and information, and opening a retail account or credit card in your name. “Other instances would be using your ID when visiting the dentist, and never settling the account.”
Even should no financial losses occur, there is an enormous amount of stress and time involved in resolving identity theft. Charges need to be laid, alerts placed with credit bureaus and financial institutions and suchlike. And cases have been known to drag on for years.
“I mentioned earlier that identity theft is near impossible to prevent, as we are all dependent on the security solutions and measures that our banks and other providers have in place. There’s also card skimming at retailers and restaurants which is hard to pinpoint until after it has happened. However, there are measures you can take to lower the risk of falling victim to attacks of this nature,” says Brown.
Firstly, he advises to avoid sharing too much personal information on social media. “There are some 1.86 billion users on Facebook alone, and the explosion of social media tools has birthed a space for cyber crooks and criminal organisations to exploit these networks and access a wealth of personal data that was previously inaccessible.”?
He says a hacker can find pretty much any information he or she wants, if they are determined enough. “Many details of our lives are found on the Internet. Parents’ names, pets’ names, where we work and live, where we hang out. All of this information can be useful to scammers, so enforce maximum privacy settings, and remember the only real way to keep information safe on the Web is not to put it there in the first place.”
Next, he says to use only your personal computer at home for any online financial transactions, and make sure you have the best anti-malware installed, and that you keep it updated. “Don’t do online banking on pubic wifi networks, these can easily be hacked, and man-in-the-middle attacks carried out.”
Also, he advises to never, ever open any suspicious links in emails. “Too often these links will secretly see a Trojan installed on your machine, which will allow an attacker to spy on your every move, read your private conversations, and capture your banking logins. Further to this, have strong passwords for all sites you visit, and don’t fall prey to using the same password for everything. I know it can be a daunting task trying to remember all these passwords, but there are password managers available for that.”
In addition, be highly cautious of any phone calls from supposed government bodies, or from any financial institutions that ask for login details or similar over the phone, he says. “They never, ever will. Anyone who asks for this information is up to no good and is trying to scam you.”
Finally, and this may seem strange, Brown adds, but don’t share your ID number, or any financial login details with friends or family. “No one is suggesting they will try and scam you, but their carelessness can lead to your exposure. Rather keep your information to yourself, and reduce the risk of being a victim.”
Dynamic Recovery Services (DRS) is an ICT services and solutions provider specialising in providing innovation and agility in information security, IT risk management and IT governance. The company provides security services with a portfolio that satisfies customer needs, from the creation of security strategy to the daily operation of point security products.
The company partners with market-leading technology providers to ensure the best supply of infrastructure as well as execution of professional services, ensuring that the selected products are effectively implemented and operate efficiently in the business environment.
Cognosec is an IT security company engaged worldwide, operating in a multitude of industries including banking, finance, government, healthcare, retail, manufacturing and hospitality. Cognosec’s extensive experience in security, governance, risk and compliance services allows the company to offer the best in payment, communications, network, and e-commerce security.
Cognosec is certified in QSA, ASV, (P2PE) PA-QSA, CESG Penetration, Testing, CESG Cyber Security Incident Response.