Identity theft hit a record high in last year. And if that’s not disturbing enough on its own, the latest data on ID crimes found that the perpetrators are becoming increasingly sophisticated, gaining toeholds into poorly secured accounts as a way to access more important segments of the victim’s financial life, according to a just-released annual survey. In the past, criminals would get and sell bits and pieces of your personal information, now they have everything — your name, address, Social Security number — and they’re taking over multiple accounts at a time.
Seventeen million individuals were affected by ID theft last year–the most ever. Notably, credit card issuers have widely adopted sophisticated chip-card technology, but that hasn’t stopped the thieves. Instead, they’ve shifted to online transactions and got more savvy, opening new accounts as a means of compromising those consumers already have.
For instance, cybercriminals might pull a consumer’s passwords and other personal information from a poorly secured cell phone account and then use the purloined information to open PayPal (PYPL) and Amazon (AMZN) accounts. Roughly 1 million victims had such “intermediary accounts” opened in their names before their existing accounts were compromised. Account takeover fraud tripled over the past year, reaching a four-year high.
“Card not present” fraud — the type of transaction you’d do online — is now 81 percent more likely than frauds perpetrated in person.
Nearly a third (30 percent) of U.S. consumers were notified of a breach in the past year, up from 12 percent in 2016. For the first time ever, Social Security numbers (35 percent) were compromised more than credit card numbers (30 percent) in breaches.
How can you protect yourself?
Use two-factor authentication: Banks and brokers commonly ask you to verify your identity by receiving a text message or email when you use a new device to sign in. Now, many online merchants offer the same, but consumers generally must opt in.
Encrypt and password protect: Malware doesn’t infect only your computer. Now that an increasing amount of commerce is conducted via phone and other mobile devices, new viruses aim at them. Treat your mobile devices with the same care that you use to guard your desktop or laptop. Secure them with passwords, security software and encrypt any stored data.
Freeze or lock: If you’re not planning to apply for new credit anytime soon, consider freezing your credit reports with the three major bureaus. This will halt any new credit being opened in your name. The downside is that freezing credit reports can cost up to about $10 at each credit bureau, and if you want to apply for a loan, you would have to lift the freeze first.
Another option: Equifax (EFX) has introduced a free “lock and alert” service, which allows you to lock your credit file, releasing it with a swipe on your phone when you want to apply for credit. Notably, placing a free fraud alert on your file, with any credit bureau, works much the same way, except you normally unfreeze your file by providing a contact phone number that a potential credit grantor can call.
Say “yes” to alerts: An increasing number of companies allow consumers to put alerts on their accounts when transactions exceed a certain dollar amount, which could allow you to spot fraud before it got out of control.
Unfortunately, these measures aren’t foolproof. Co consumers also need to regularly monitor their accounts and notify the authorities whenever something is amiss as no measure is 100% effective. The bottom line is, the sooner you can detect fraud, the lower the losses tend to be.
Adapted from CBS Marketwatch 2018.