Identity crimes, like other cybercrime activities, are always changing and adapting. Internet access provides easy access to potential victims at an inexpensive cost.
Unfortunately, people do not take the time to learn how to safeguard their identities and presence.
You are at risk of online scams every day. It’s crucial that you take precautions to protect your presence. Use knowledge and best practices to safeguard personal and professional information.
Table of Contents
- Key Facts about Identity Theft & Cyber Crime
- Digital Fraud: How Scammers Reach You
- Business Identity Theft
- Digital Business Risk: E-Skimming
- Medical Identity Theft
- Financial Identity Theft
- 11 Ways to Protect Your Identity Online
Why It’s Important
Cybercriminals intend on taking advantage of your accomplishments. They want money and resources. And they will take it by whatever means necessary. They will:
- Scam you out of money directly
- Fraudulently file tax claims as your business
- Steal your business’s contacts & sell their information
- Get credit cards and loans in your name
- Sell your valuable client/vendor information
- Gain access to your bank accounts
- And more
Key Facts about Identity Theft & Cyber Crime
The Small Business Innovation Research (SBIR) reported that small businesses “remain susceptible to cyber attacks due to lack of resources and surprisingly, a lack of knowledge of the threat (SBIR, n.d.).”
The National Cybersecurity Institute noted that 50 percent of SMBs have been a victim of cyber attacks. Worse yet, over 60 percent of those attacked went out of business (LeClair, 2015).
According to Accenture, the insurance industry was the largest target for ransomware attacks in the first half of 2021. Ransomware accounted for almost 25 percent of attacks on their clients.
The U.S. Federal Trade Commission (FTC) reported that consumers lost more than $5.8 billion to fraud in 2021. This is a whopping 70 percent increase over the previous year.
FTC’s Consumer Sentinel Network took in over 5.7 million reports in 2021. Of those reports, 49% were for fraud and 25% were for identity theft.
Of the 2.8 million consumers (about the population of Mississippi) who reported to the Consumer Sentinel Network, the most common category was imposter scams. Together, they scammed them out of $2.3 billion. Online shopping scams trailed a bit further behind. Yet, this still cost consumers an incredible $392 million.
Digital Fraud: How Scammers Reach You
Fraudsters don’t discriminate. They will take money and information from anyone. They will reach you no matter how you choose to use technology. They will find you through:
- Online Ads or Pop-ups
- Texts/Phone Calls
- Social Media
We covered how scammers preyed on victims. They used Twitter’s blue check feature to manipulate people. The social platform’s rush to launch the new Twitter Blue subscription led to chaos.
Individuals and businesses are at risk of becoming a victim of cybercrime. The best way to stop it is by learning what it looks like and implementing best practices.
Let’s look at a few examples of digital identity theft. Plus, the ways you can safeguard your personal identity data and online presence.
Business Identity Theft
Business identity theft occurs when someone creates, uses, or tries to use identifying information of a business. Cybercriminals file fraudulent business returns to receive refundable business credits. They also use it to extend individual identity theft.
Many potential red flags could be filing or processing errors. These make business identity theft more complicated than individual identity theft.
How to Know You Are a Victim
- You see a line of credit or other accounts opened on your credit report.
- You receive bills for business credit/credit cards you did not take out.
- You notice unexplained bank account withdrawals.
- You stop receiving bills and other mail items.
- You receive a notification that information was compromised by a data breach with a company you do business with or have an account with (learn how to prevent a data breach within your own organization).
Learn what actions you should take if your business information has been compromised from the IRS.
Digital Business Risk: E-Skimming
In 2019, the FBI shared insights into e-skimming. Their message targeted SMBs and government agencies. They warned that if you take credit card payments online, then you may become a victim of e-skimming.
This online scam involves cybercriminals putting malicious code onto your website. It allows them to capture your credit card data in real-time.
They do this after gaining access to your server. Either through a phishing attack or via a third-party vendor attached to your server.
How to Protect Your Business from E-skimming
- Update and patch all systems with the latest security software.
- Ensure your antivirus and anti-malware are up to date.
- Change default login credentials on all systems.
- Educate your staff with security awareness training (e.g., never click on links or unexpected attachments in messages). All Aligned plans include security training and simulated phishing attacks due to its importance.
- Segregate and segment network systems. Limit cybercriminals’ access from one to another.
Medical Identity Theft
Medical identity theft is a massive risk in the healthcare industry. During a data breach, someone gains access to sensitive data. They get your Protected Health Information (PHI) from an insurance company or healthcare provider.
Stolen health information is 20 to 50 times more valuable on the black market than other types of identity fraud.
They can then:
- Sell the information (on the Dark Web your PHI is worth $250 to $1000)
- Bill for made-up medical services (e.g., a medical provider uses patient health info to submit misleading claims for financial benefits)
- Receive free healthcare by sending fraudulent claims to health insurers without your authorization
Financial Identity Theft
Financial identity theft occurs when a person uses someone else’s personal data for financial gain. It is the most common form of identity theft. They might:
- Open new accounts using your personal identifying information
- Use your credit card information to make purchases
- Steal money out of your bank accounts
The best way to combat this is through due diligence. Watch all accounts for unexplained charges. If you find one, immediately report it to your bank or credit card company. It is also important to watch your credit report for new accounts or a decrease in score.
11 Ways to Protect Your Identity Online
1. Beware of Public WiFi
Public Wi-Fi isn’t secure. Yet, there are ways to safeguard your information when you are on the go. Implement best practices such as:
- Choose to not access personal of financial information on public Wi-Fi.
- Don’t stay permanently logged into websites.
- Consider using a virtual private network (VPN). Many VPNs offer data encryption that will help secure your information.
- Utilize your mobile data. Mobile data is usually encrypted.
- Listen to warnings from your web browsers. They will often alert you before you enter a fraudulent site or download malicious programs.
- Install browser plug-ins that force your browser to use encryption on popular websites that aren’t encrypted.
- Turn off your device’s setting that automatically connects to nearby Wi-Fi.
2. Build Strong Passwords
Weak passwords make data breaches easy. NordPass published a report that found employees at Fortune 500 companies were using passwords that were easily hacked in less than a second.
Unfortunately, most people are not using strong passwords. Worse yet, they’re reusing passwords.
Use the password best practices shared in our video of cybersecurity fundamentals for small businesses (timestamp – 13:46).
3. Always Use MFA
MFA stands for multi-factor authentication. It is an authentication method that requires the user to provide two or more verification factors to gain access to a resource.
It is a core component of a strong identity and access management (IAM) policy. If you have the choice, use it to decrease the likelihood of a successful cyber attack.
Learn more about MFA in our video shared in the previous section – Build Strong Passwords (timestamp – 19:25).
4. Scan Email Links & Attachments
Be especially cautious when you receive an unexpected email. Make sure to always hover your cursor over links to verify that the link is from a trusted site.
Learn how to prevent becoming a victim of a phishing attack.
5. Limit Social Sharing
Cybercriminals love social media because people often overshare personal information. They can piece data from social sites together to conduct identity theft or conduct cyber attacks.
Make an informed decision before posting info on your profile. Use privacy settings to prevent your data from being easily accessible.
6. Take Notice of Site Security
Secure websites feature “https” at the beginning of the web address. These sites encrypt data. This helps keep your personal data safe.
However, scammers know how to create these encrypted sites too. They often create fake, encrypted sites that look like organizations you are familiar with. This means that not all https sites are legit.
A truly secure and legit site:
- Should have a modern theme.
- Check the URL (the website address) for correct spelling, typos, and characters that are one off from the legit site.
- Have security seals that redirect you to the website of a company that issued it that offers more information.
- Don’t spam you with exaggerated promises, extremely low prices, or blinking ads.
7. Regularly Install Updates & Patches
Installing updates and security patches might not be fun, but it is important to your cybersecurity. Uninstalled patches can leave you vulnerable to cyber attacks. You’re leaving the door open for cybercriminals to steal your personal data.
8. Look Out for Scamming Signs
Watch for these signs to identify an online scam attempt:
- You’re unexpectedly contacted.
- You’re told to keep a transaction a secret.
- The message requires urgent action.
- You’re asked to wire money or to buy prepaid debit cards.
- You’re asked to supply personal information.
- The message you receive sounds too good to be true.
9. Secure Data with Backups
Data security is an essential aspect of your business continuity. Data backups are an important part of this process because it allows you to have a copy of your systems ready to restore. Encrypt the backup file for added security.
10. Be Wary of Unexpected Texts & Phone Calls
One of your business’s important vendors calling. You answer only to discover that you need to pay them for services that are months overdue. The company owes them $5,238.21.
They are telling you they will end their contract if you don’t pay today. To make matters worse, you’re the one who handles paying them.
How did this happen? You know you are busy. Plus, you are under pressure from the executive team. Things have been tough at home too. The call ends.
The vendor then texts you telling you they need the money in an hour. If they don’t get it by then they will work with your competitor instead. You panic.
You can’t afford to lose your job. You better resolve this before it becomes a bigger problem. Or should you?
Stop and breathe.
Never provide personal information or send money. Chances are it’s a scam.
Remember, scammers like to manipulate you by impersonating contacts you know. Then, they launch their attack riddled with emotional tactics. The endless amount of pressure they apply often pushes you to act before thinking it through.
Instead, end the call. Reach out to the organization/person to confirm details. This is even more crucial if the phone call or text arrives without warning.
11. Stay Educated
This is arguably the most important way to stay safe online. After all, you are here today to learn.
Staying current on digital crimes gives you the knowledge needed to protect yourself, your business, and your family. Learn how to protect business data by creating an engaging cybersecurity awareness training program by downloading our free eBook.
Protecting Your Online Identity is Possible
You can prevent scams from happening to you despite fraudsters finding new tactics. Be proactive. Implement the best practices we shared with you in this blog post to protect your personal and professional data.
Subscribe to our newsletter
to get exclusive IT and cybersecurity insights.