A brand new study conducted by Javelin Strategy and Research, reported by NBC News, revealed two discouraging facts about the ever-changing nature of cyber fraud and identity theft: thieves are increasingly able to adapt to attempts to thwart theft, and despite our best efforts, identity thieves are boasting more victims than ever before.
2017 marked an all-time high for identity theft. Approximately 16.7 million Americans fell prey to identity theft–the largest amount ever–with thieves pocketing around $16.8 billion in total. These crimes included using stolen credit card numbers to make online purchases, emptying bank accounts online, opening bogus Paypal accounts, and even stealing a victim’s reward points for shopping at certain merchants (IS NOTHING SACRED?).
In another first, theft via stolen Social Security numbers surpassed theft committed with stolen credit card numbers. This is largely due to the scope of this past summer’s Equifax breach.
But even without the disaster that created an all-you-can-eat buffet of our Social Security numbers, 2017’s identity theft trends suggest a larger shift in the way predators are targeting victims and using their data to steal.
With the gradual transition from traditional magnetic stripe bank cards to EMV or “chip” cards, point-of-sale skimming theft and duplicating physical cards has gotten a lot trickier.
This could be motivating many thieves to focus strictly on online transactions where a chip reader doesn’t come into play–or, better yet, stealing the identifying information needed to fraudulently open a card of their own.
Having access to a Social Security number opens up a world of opportunities to cash in on a victim. Not only does it allow a criminal to sidestep tighter security that prevents transactions with a stolen or fake credit card, it also offers them a broader variety of ways to steal from a victim–especially in ways that might not be immediately noticeable.
Consider the uptick in thieves using stolen Social Security numbers and identifying information to file for someone’s retirement benefits. While using this data to alter the bank information and reroute direct deposit payments might tip off a victim quickly, a thief filing for benefits prior to the victim filing himself could stand to collect a tidy sum before the theft was detected.
It seems with each step forward we take to combat widespread identity theft, the fraudsters react with lightning speed, adjusting their methods to keep the cash rolling in.
But knowing where the focus has shifted helps us on an individual level take better care with our security, especially when using our credit cards and personal information online. If we appreciate the increasing risk and know where and how thieves access our information, we can take measures to minimize the bull’s eye on our wallets:
- Encrypt, encrypt, encrypt. Your emails. Your photos. Your messages. The financial information or documents you might store on your devices. Encrypt everything. There are multiple tools available–some open source and free-to-use–that will help you do this.
- Use two-factor authentication when possible. This is when access to an account requires more steps than just entering a password. For example, many social media platforms allow you to require a password AND a pin number texted to a mobile phone before access to an account is granted.
- Don’t use public Wi-Fi. Intercepting data over a public connection is a classic way for a thief to snatch your personal information–especially if you’re making purchases. Just don’t ever use public Wi-Fi.
- Keep an eye on your bank accounts and credit report. Many of us don’t actively monitor our financial health until the time comes to make a serious financial decision. By then, the damage could be done. Make time to screen your bank transactions for suspicious activity. Take advantage of each year’s free credit report to make sure you don’t see anything fishy (this is especially important after the Equifax breach).
The important takeaway from this report is that we all take our own cyber security very seriously–we should be as vigilant about protecting our digital information as we would about leaving our purses and wallets unattended.
Don’t wait to protect yourself until after you’ve been affected.