Identity fraud cost Americans a total of about $ 56 billion last year, with about 49 million consumers being victims.
This is in line with Javelin Strategy & Research’s 2021 Identity Fraud Study released on Tuesday. About $ 13 billion in losses were due to what Javelin calls “traditional identity fraud”, in which cybercriminals steal personally identifiable information and use it for their own gain, such as through data breaches.
But most of the losses last year, $ 43 billion, resulted from identity theft fraud, where criminals interact directly with consumers to steal their information using methods such as automatic phone calls and phishing emails. The victims of these scams lost an average of $ 1,100, according to Javelin.
“Identity fraud has evolved and now reflects how much criminals will do to directly target consumers in order to steal their personally identifiable information,” said John Buzzard, lead fraud and security analyst at Javelin Strategy & Research.
As the Covid-19 pandemic changed the way people bought and transferred money, many criminals targeted digital wallets and point-to-point payment methods, such as Apple Pay and Zelle. About 18 million victims were scammed using these digital payment methods last year, Javelin found.
“The culture of fraud is clearly changing. The pandemic has created many other points of vulnerability for families and businesses,” said Paige Schaffer, CEO of global identity and cyber protection services at Generali Global Assistance.
Here are three common warning signs to watch out for when it comes to identity theft scams and how to deal with them.
1. Unsolicited calls or emails
Spoofing technology has made it easier than ever for scammers to impersonate anyone from government agencies like the IRS to your favorite retailer. To protect themselves, most experts recommend that consumers avoid answering calls from unknown numbers. Instead, let them go to voicemail for further analysis.
If you receive a message that you believe is legitimate from a government agency, call or send an email using the contact information listed on your website. Do not answer directly.
If you answer a call, remember that U.S. government agencies will not ask you to pay in advance for information or services. In addition, government agencies usually do not call, text, email or contact you on social media to request your Social Security number, bank account or credit card. If you get messages asking for this information, it’s probably a scam.
2. High pressure tactics
Another great tip that a call or message is from a scammer is if he says he needs confidential information right away. It is usually a warning sign if something needs to be done immediately or if there are threats that you will lose money if immediate action is not taken.
But don’t get carried away by the rush to buy anything or give any information. “Take a break,” recommends Ron Schlecht, managing partner at cybersecurity company BTB Security.
And make sure you are up to date on the latest fraud tactics and data breaches. The FTC keeps track of fraud trends and alerts consumers about what they find. You can sign up for email updates or visit the FTC’s coronavirus scam page.
3. Outdated passwords
Many identity theft scams are carried out by fraudsters who have obtained login information from data breaches in recent years.
That is why it is important to regularly check your passwords to see if they have been compromised. Google offers a free password verification tool that shows which accounts have vulnerable or compromised passwords. In addition, sites like HaveIBeenPwned.com can help find out if your email was involved in a data breach.
Updating passwords regularly can help block unauthorized access to your accounts, says James Lee, director of operations at Identity Theft Resource Center.
“It’s inconvenient. It’s a pain, but you have to do it,” said Lee. And don’t just use a new password in all areas. Lee recommends creating a unique passphrase on each account, such as the name of a song or the title of a book. “It’s easy to remember,” he says.
The longer and more complex you can make it, the more secure your password will be. A scammer who uses encryption tools to hack into your account can likely discover a six-character password that only uses letters in a matter of seconds, Lee said. But it will take decades to crack a 12-character passphrase that uses letters and numbers.
Even if you’re using a secure passphrase as a login, Lee also recommends enabling two-factor authentication on your accounts, if available. This usually requires that you not only enter a password, but also confirm your identity by logging into your phone or entering a code sent by text message or email to you.
Output check: Use this calculator to see exactly how much your third coronavirus stimulus check could be worth
Don’t miss out: 5 ways to protect yourself from tax fraud this year