3 Ways to Prevent Identity Fraud

  • March 2nd, 2024
  • All, Scams
  • Nucleo Consulting

What is Identity Fraud?

It is the use by one person of another person’s personal information, without authorization, to commit a crime or to deceive or defraud that other person or a third person.

Many criminals targeted digital wallet and peer-to-peer payment methods as transactions are mostly cashless. About 18 million victims fell prey to scams through these digital payment methods last year. “The culture of fraud is clearly shifting. The pandemic has created so many more points of vulnerability for families and businesses,” says Paige Schaffer, CEO of global identity and cyber protection services at Generali Global Assistance.

3 Signs of Identity Fraud 

According to the 2021 Identity Fraud Study by Javelin Strategy & Research , about $13 billion in losses were due to “traditional identity fraud,” where cybercriminals steal personally identifiable information and use it for their own gains, such as through data breaches. However, majority of the losses last year, $43 billion, resulted from identity theft scams where criminals interact directly with consumers to steal their information through methods such as robocalls and phishing emails. Victims of these scams lost $1,100 on average, according to Javelin. 

1. Unsolicited calls or emails

Spoofing technology has made it easier than ever for scammers to impersonate anyone, from government agencies to your favorite store. Avoid picking up any calls from unfamiliar phone numbers. Instead, let them roll into voicemail for further scrutiny. In Singapore, international calls are marked with a ‘+’ prefix to combat spam calls.

If you do get a message that you think is legitimately from a government agency, call or email them back through contact information listed on their website instead of replying directly.

Government agencies won’t ask you to pay for information or services upfront. They won’t call, text, email or contact you on social media to ask for your NRIC, bank account or credit card number. If you receive messages asking for this information, it’s likely a scam.

2. High-pressure tactics

If the caller says that they need sensitive information right away, it is usually a red flag. If there are threats that you’ll lose money if immediate action is not taken, it is likely a scam too. Don’t allow yourself to be rushed into buying anything or giving away any information. “Take a breather,” recommends Ron Schlecht, managing partner at cybersecurity firm BTB Security. Stay up-to-date on the latest scam tactics and data breaches. You can visit Cyber Security Agency of Singapore’s page for updates.  

3. Outdated passwords

Fraudsters typically obtain log-in information from the dark web from data breaches that have occurred in recent years. That’s why it’s important to regularly check your passwords to see if they’ve been compromised. Google offers a free password checkup tool that shows you which accounts have vulnerable or compromised passwords. Sites like HaveIBeenPwned.com can help uncover if your email has been involved in a data breach. 

Regularly updating passwords can help shut down unauthorized access to your accounts, says James Lee, chief operating officer of the Identity Theft Resource Center. 

“It’s inconvenient. It’s a pain, but you’ve got to do it,” Lee says. And don’t just use a new password across the board. Lee recommends creating a unique pass phrase on every account, such as the name of a song or a book title. “It’s easy to remember,” he says. 

The longer and more complex you can make it, the more secure your password is. A scammer using encryption tools to hack their way in your account can probably figure out a six-character password that only uses letters in a matter of seconds, Lee says. But it will take decades to crack a 12-character pass phrase that uses letters and numbers.

Even if you’re using a secure pass phrase as your log in, Lee also recommends enabling two-factor authentication on your accounts if it’s available. This generally requires you to not only enter a password, but also confirm your identity by logging onto your phone or entering a code texted or emailed to you.

Source: Adapted from CNBC

Nucleo Consulting