Every year tens of millions of people lose their private information in data breaches. But what happens after that and how the data is leveraged for financial gain still remains foggy. Here we attempt to explain a little more background on what identity theft is, why it’s so valuable and how you can protect yourself.
What is identity theft?
According to the Federal Trade Commission, identity theft remains high on the list of reported consumer complaints to enforcement agencies every year. The most recent figures from the Bureau of Justice statistics indicate that 11.7 million people, representing 5% of all people in the U.S. age 16 and older, were victims of identity theft between 2006 and 2008. Identity theft can be perpetrated in various acts including the most common ways via mail theft, dumpster diving, pretexting, shoulder surfing and phishing.
What happens when your identity is stolen in a data breach?
Many of stolen records and identities end up for sale on the anonymous, sketchy underground sites where they are exploited by cyber criminals. Though the transactions are illegal, marketplaces on the dark web function much like legal consumer sites such as Amazon and eBay. For example, the sale price for a stolen identity can vary based on classic market factors such as quality, reliability, seller’s reputation and convenience.
Recently, Grams, a search engine for the dark web of identity theft sites, collected data on the dollar amount that stolen identity was worth on the black market. Among tens of thousands of records in the Grams data, there were more than 600 listings for individual identities—some including credit card information, others without. The listings ranged in price from less than $1 to about $450, converted from bitcoin. The median price for someone’s identity was a $21.35.
How to protect yourself from being a victim of identity theft?
Be cautious about sharing personal information
When you are in situations where you are asked to provide personal information, always make sure to ask how it will be used, why it is needed, with whom it will be shared and how it will be safeguarded. Be particularly careful when giving your social security number and use other types of identification when possible. Only provide personal information on the phone or through email when you have initiated the contact or are dealing with someone you know.
Use appropriate security measures
Keep your statements in a safe place – they contain sensitive and personal information. When you no longer need them, shred them before throwing them out or putting them in the recycling collection. Also take advantage of technologies that enhance your security and privacy when you use the Internet, such as digital signatures and data encryption.
Check your statement
Check your account statements as soon as they arrive and review your accounts on a regular basis to ensure all transactions and charges are correct. Also, look for extra or missing transactions and report any discrepancies immediately. Lastly, pay attention to your billing cycle. If credit card or utility bills fail to arrive, contact the companies to ensure that they have not been redirected.
Guard the information on your cards, checks and ID
Carry only the identification and credit cards you need when traveling. If possible, minimize the identification information and number of cards you carry. It’s also important to sign your credit cards in permanent ink as soon as you receive them. Finally, when making a purchase, keep your card in view at all times; ensure you take your card back as soon as a transaction swipe has been completed.
Still have questions? Read more on our site about data breaches and compromised credentials.