Identity theft: the fraudulent practice of using another person's name and personal information in order to obtain credit, loans, etc.
~ Oxford Languages
Identity theft occurs when someone misappropriates your personal information to assume your identity, allowing them to deceive individuals, businesses and even government agencies. Ultimately, the degree of identity theft depends entirely on the personal data that a bad actor is able to get ahold of in the first place. So, what are the main ways that bad actors are able to obtain data about you?
Firstly, data breaches. This occurs when bad actors gain access to company servers and extract data from it. This data can be used to extort the company, to extort individuals included in the data, to sell to other cyber criminals or simply flaunt in criminal underground communities for clout. Sometimes this data is distributed online, which places your personal information in public view. It can circulate for years or decades, and bad actors can at any point attempt identity theft based on this circulating data.
Secondly, social engineering methods such as phishing can be used as a means of obtaining personal data about individuals. There are many phishing techniques employed by bad actors. For more information on this broad topic, consider our articles on things like text message scams and, more broadly, social engineering.
Thieves can also commit identity theft based on information that is contained in whatever was stolen from you - a wallet containing your bank cards and identity information, or an unsecured laptop with all manner of personal files and data. If the thief lacks the skill or ambition to commit this crime themselves, it is common to find them selling this data on criminal darkweb forums.
This is just a small list of the ways that bad actors can obtain your personal information, though much of it can be mitigated. Keep your belongings safe and make sure to practice good cyber hygiene.
One of the most immediate and tangible effects of identity theft is the financial abuse that victims often face. Identity thieves can, for example, use your personal information to access and drain your bank account. Contactless cards, for example, have been scrutinised since their inception due to the multiple vulnerabilities that they introduce. Worse than this might be the ability that identity thieves have to open credit cards in the names of their victims, or otherwise take out huge fraudulent loans. This not only places their victims in deep financial turmoil but also can damage their credit and have long-lasting effects on the individual. Even disputing these fraudulent loans and transactions can incur legal costs, adding further strain to victims.
Beyond the financial repercussions, identity theft can take a heavy emotional toll on victims. Consider that many compromised social media accounts are used to launch phishing campaigns against all of an individuals personal connections, including family and friends. In some cases, this may also include colleagues. This can be incredibly difficult to deal with as a victim of identity theft, as they might struggle to deal with feelings of paranoia, vulnerability, and distrust from those close to them. This can disproportionately affect the elderly and less technologically inclined.
It is also common to blame victims for suffering these attacks in the first place, as many do not anticipate the sophisticated methodologies that can be employed by identity thieves and think of the crime as one which is always avoidable. Despite this being untrue, it can cause long-term damage to an individual's relationships both with businesses and with other individuals.
Resolving identity theft can be difficult and time-consuming. Victims must invest significant time and effort into reclaiming their identity following an attack. This can include a multitude of phone calls, paperwork, communication with banks, credit reference agencies, government bodies and law enforcement. Legal proceedings can also consume a huge amount of time. Balancing all of this alongside your usual work-life routine can be very difficult for victims, and might itself also have knock-on emotional and financial effects.
As above, the personal information of individuals following a phishing campaign or data breach can circulate online for an extremely long time. Often, this data is sold from person-to-person, each extracting an amount of valuable data, long before it is posted publicly. That said, once it is public, it can spell real trouble for those included in the dataset. It is one thing to change your email or your password, however we share identifiable information with companies that can be extremely difficult or impossible to change. You cannot simply change the colour of your first car, or your mother's maiden name.
This information can be used to steal the identity of individuals repeatedly, for years and years. This is why it is important to remain vigilant on the common attack vectors of criminals, and to be careful with the information that we share with companies. We also need to hold companies accountable when they fail to safeguard our data.
The studied effects of identity theft can include stress, long-term issues with sleep, anxiety, a rise in other unhealthy behaviours, and depression. Each of these effects can compound and present their own list of symptoms unless the root cause is addressed. This is why it is important that victims have the help and resources they need to reverse the attack, and that they act quickly to prevent any oncoming attacks.
Identity theft is more than just a financial crime; it's an invasion of privacy and a violation of trust. The effects of identity theft can be long-lasting, impacting not only a victim's financial stability but also their emotional well-being for many years. Preventative measures such as the usage of strong and unique passwords, the practicing of good cyber hygiene and the use of multi-factor authentication are all important steps in mitigating the risk of identity theft.
For more information about how best to avoid identity theft, as well as other information about the cyberscape, make sure to visit White Blue Ocean's Newsroom for relevant guides, news and updates.
The information contained in this article is provided for informational purposes only and does not constitute professional advice and is not guaranteed to be accurate, complete, reliable, current or error-free.
Please fill in the form below (fields with * are mandatory) and we will respond to your request as soon as possible!