What is digital identity theft and what are the consequences
Statistics say that worldwide 40 percent of consumers have been a victim of online identity theft. After all, the broader the digital transformation processes, the greater the risks. However, identity theft is something that in most cases can be avoided.
What is digital identity? Digital identity is a set of information that uniquely identifies a person. For example: first and last name, e-mail address, login password, but also social security number, credit card numbers or digital copies of paper documents (e.g., photos or scans).
Digital identity theft occurs when a cyber criminal illegally and without authorization accesses another individual’s personal information. This can occur in several ways:
- Phishing, a technique that uses emails or online messages that look like official communications to trick victims into providing confidential information.
- Malware, such as viruses or keyloggers, which can also contain code that can capture users’ passwords.
- Interception of data while surfing the Web.
- Data theft from electronic devices.
- Social engineering, a hacking technique that makes use of personal information found online, such as on social networks.
Once basic information is obtained, cyber criminals are able to obtain other confidential information, such as access codes, PINs, and credit card numbers. With these they can try to access online bank accounts, make fraudulent purchases in the victim’s name, or carry out far more serious criminal acts, such as theft or fraud. Alternatively, they may decide to publish or resell the data on the dark web for other cyber criminals to use.
The most worrisome consequences of digital identity theft are the financial damage to the victim, who may incur by embezzling money or opening loans in their name. Then there are the liabilities for any other illegal acts done in their name. Finally, identity theft can also cause significant psychological distress in the victim, caused by the loss of an important part of their privacy.
Elements that promote identity theft
Identity theft tends to occur when people underestimate the risks involved in surfing the Internet. For example, using weak passwords or connecting to insecure networks encourages illegal access to personal information. Browsing unsecured websites are also worth considering: sites that use an HTTP protocol instead of HTTPS do not provide adequate data protection and allow malicious parties to easily acquire confidential information. In fact, site and app operators may also be at fault, as carelessness can also facilitate data breaches. In the event of a data breach, the operator of a website or app has an obligation to promptly inform the relevant authorities and, if applicable, all users involved.
How to defend yourself?
Here’s what to do to prevent digital identity theft:
- Use complex passwords that include uppercase and lowercase letters, numbers and symbols.
- Never share your login credentials or use the same passwords for multiple services.
- Periodically change login credentials for services such as email accounts, online accounts, social profiles, etc.
- Always update devices, software, antivirus and apps. Updates allow you to download any security patches to fix vulnerabilities that might otherwise be exploited by hackers.
- Avoid opening attachments or links sent by unknown senders and be wary of similar unexpected messages from known senders.
- Never disclose personal information to strangers or over unsecured channels.
- Use secure browsers when surfing the Internet.
- Install a firewall, which is protective software that monitors data coming in and out of devices.
- Avoid using unsecured Wi-Fi networks (ex: public networks);
- Use a virtual private network (VPN). It is not mandatory, but a VPN offers extra protection for online browsing, thus increasing cyber security levels.
- Enable two-factor authentication on all online services. Two-factor authentication involves the use of an additional, temporary code other than a password that is sent via SMS or email.
- Be careful with online transactions and make sure sites are secure before entering personal information.
- Check your bank account or credit card periodically to quickly detect unauthorized transactions.
In case of digital identity theft, the first thing to do is to contact the appropriate authorities. You must also notify your bank or other service providers to recover the stolen funds and request cancellation of the ID card or document used to make any fraudulent transactions.