Nothing says the holidays like spending time with friends and family. To celebrate this special time of year, many of us purchase gifts for our loved ones. Doing so can become quite expensive, especially if we have large social circles. For that reason, we go through the holidays looking for sales on items we think our dear ones will love.
But don't be fooled. Not every offer is legitimate. While we scour the web for deals, bad actors try to obtain our login credentials and personal information, so that they can steal our identities and commit identity fraud. That's why they bombard us with spam,
phishing scams and other attack campaigns beginning around
Black Friday and lasting through the New Year.
Identity fraud threatens everyone around the holidays. Fortunately, knowing more about it can help users protect themselves. Let's, therefore, look at an
infographic on identity fraud that summarizes data obtained from a
Cifas Fraudscape report, as well as
public opinion polls conducted by YouGov on behalf of Equifax.
The Identity Fraud Landscape
Identity theft is when a bad actor deliberately uses a person's identity to open a bank account, complete a purchase, and/or capitalize on a similar type of advantage. If the attacker tricks a merchant or bank into believing they're who they falsely claim to be, that organization becomes a victim of identity fraud. Identity theft is the initial crime that oftentimes leads to fraud.
Actors generally follow a three-step process to commit identity theft. First, an actor uses something like a phishing attack to steal an unsuspecting user's data. Second, the actor sells that data to someone else, usually via a purchase made on the dark web. Finally, the buyer uses that data to make off with cash or other goods by diverting packages to another address, intercepting mail, or transferring money out of the victim's bank account.
Most cases of identity theft involve bank accounts. Per the Cifas report, UK users reported 64,174 cases of identity fraud related to their bank accounts in 2015. That's more than those instances of fraud involving both plastic cards (59,423 cases) and loans (13,392 cases).
Regardless of type, identity fraud increased by approximately 50 percent across all age groups in the UK. Users aged 31-40 experienced the greatest jump at 64 percent. Meanwhile, those under 21 saw the smallest increase at 47 percent.
Given these trends, it's no wonder that in a survey of 2,080 UK citizens, close to half of respondents told Equifax they're worried about identity theft (40 percent) and identity fraud (42 percent). Those concerns run up against some questionable security practices online.
For instance, Equifax found five percent of people don't believe sharing information on social media is dangerous and that seven percent of users at one time provided personal details to someone who contacted them over the phone/via email. Additionally, approximately one quarter of respondents (23 percent) revealed they never change their passwords.
A Common-Sense Conclusion
Users can protect themselves against identity theft and identity fraud by following some common-sense recommendations. First, they should check their social media privacy settings and exercise caution around what they share on
social networking. Second, they should regularly change their passwords and use a
password manager to remember those combinations for them. Third, they should watch out for suspicious links and email attachments, especially around the holiday season.
