Identity Theft: How to Protect Yourself
Have you ever wondered what it's like to be in someone else's skin? Maybe a celebrity or a politician? Well, it seems like more and more people are actually trying to do so. The global digitization has contributed to a significant increase in the number of identity thefts in recent years5. The vast amount of data and information left behind by users on the Internet makes it easy for thieves to assume other people's identities and abuse these.
But what does identity theft actually mean? Identity theft is a criminal act and occurs when someone obtained personal or financial information (e.g., credit card number or Social Security number) from another person in order to abuse this information and use the identity of the victim to their own advantage3.
Attackers use various ways and methods to obtain such information:
• Browsing old or stolen hard drives
• Hacking into computers or networks
• Using information gathering malware (e.g., trojans)
• Social media accounts
• Unsecured/unencrypted text messages or e-mails
This information is then used, for example, to conduct monetary transactions, open new bank or credit card accounts, change billing addresses, or perform criminal acts on behalf of the victim2.
What are the risks and consequences?
Identity theft can not only affect a person, also organizations and their customer data can be the target of an attack. A well-known example is the US financial services provider Equifax4, a kind of American “Schufa”. The attackers captured, among others, social security and credit card numbers from 44 percent of all US Americans, which at the time was about 143 million people.
The risks and consequences for the persons concerned depend on the theft. While theft of the e-mail account may result in rather tolerable costs for the victim, for example for ordering goods or for subscriptions to dating portals in the name of the victim, the theft of the identity card can have more serious consequences. These can be, for example, contracts for flats or the execution of criminal offences2.
Identity theft can also have other intentions than the personal enrichment of the attacker. For example, damaging the victim's reputation through false publications on a social media platform can also be a possible goal1.
No matter how you fall victim to identity theft, a major consequence, besides the loss of money and the publication of private data, is the effort to put everything back in order1.
How to defend yourself against identity theft
To protect yourself against identity theft, there are two important rules2. Be careful when sensitive data such as passwords, PINs, bank details, or credit card numbers are requested. Make sure you use strong passwords, use a separate password for each user account and use two-factor authentication, if possible. But when it's already too late and the criminals have used your personal data to do damage “ACT QUICKLY!”.
If money has been falsely withdrawn from your account, inform your bank immediately and block the accounts and/or cards concerned. If you notice that a fake account with your data can be found on the Internet, change the passwords of your social media accounts. Also inform the operators of the social media platform that the reported account is a fake account using your data. In any case, if you are a victim of identity theft, you should report it to the police. If in doubt, you can always seek advice from your consumer assistance office.2
To ensure that your identity remains yours, be aware of the possible risks and take the necessary preventive measures. But don't be afraid to seek help quickly if you have been the victim of identity theft. It can happen to anyone.
About the authors
Aaron Kutzner (B. Sc. BIS) has a good understanding of the fundamental concept of identity theft.
Janik Hemrich (B. Sc. BIS) has a vast knowledge of attack reasons, scenarios, and consequences of identity theft.
David Henkelmann (B. Sc. BIS) focuses on identity theft prevention and mitigation.