What’s identity theft?

Identity theft is the use of someone’s personal information for fraudulent purposes. This can include name, social security number (SSN), credit card information, or other sensitive data. It also includes unauthorized access to bank accounts, credit card fraud, creating fake identities, or taking out loans in the victim’s name. In addition to the primary financial damage, identity theft often causes severe emotional distress to victims. It also creates serious problems in recovering and returning stolen identities.

Before the advent of the Internet, criminals had to monitor a victim’s physical mailbox in search of valuable information. Another standard practice was to rummage through the victim’s stinky trash to get the information they needed for identity theft. For example, those “you’re already approved,” pre-screened credit offers we all get in the mail. However, thanks to modern technology, today’s cybercriminals don’t need to go to such great lengths to invade someone’s privacy. Big businesses and large caches of data could be more profitable. They contained on their networks present a much more lucrative target than piecemeal attacks on individual consumers.

Types of identity theft

There are various types of identity theft, each with its own specific focus and methods. I will uncover the most common types of one according to available statistics.

Account takeover identity theft

Account takeover identity theft is a cybercrime where a fraudster gains unauthorized access to your existing accounts. Usually, such attacks aim at social media pages or bank accounts. The scammer can use this access to steal your money, take out loans or credit in your name, or deceive your friends, followers, or contacts with phishing attacks or other scams. As the “next tier” victims will see messages from a familiar person, the chances of a successful scam increase by orders of magnitude.

Credit identity theft

Credit identity theft is when a thief steals your credit card data and uses it for fraudulent purchases or obtains credit cards or loans under your name. According to the Federal Trade Commission, this is the most common form of identity theft. The reason is obvious – in this attack, fraudsters can go in cash much faster than in any other way.

Medical identity theft

Medical identity theft occurs when criminals use victims’ personal information to receive medical treatment, obtain prescription drugs, or see a doctor. In the past, medical identity theft could have impacted victims’ health coverage or led to higher medical costs. However, recent changes in the law have addressed these issues. Still, scammers can incur past-due medical debts in your name, which can appear on a victim’s credit report and negatively affect their credit score. Seniors who receive Medicare are particularly vulnerable to medical identity theft, as frequent medical visits usually may not raise suspicion.

Medical identity theft is also dangerous due to the sensitivity of such information. If hackers manage to leak medical data of a person, they can further blackmail them in order to avoid disclosing their health condition. And when we are talking about celebrities, there are a lot of tabloids ready to spend a small fortune on information on such a topic.

Tax identity theft

Tax identity theft is when a scammer steals an individual’s SSN and uses it to receive a tax refund or secure a job. This commonly happens when victims’ SSNs are exposed online due to a data breach. Despite the lack of love received from taxpayers, the US Internal Revenue Service’s initiatives aimed at decreasing tax-related identity theft are effective.

Criminal identity theft

Criminal identity theft is a specific theft in which the perpetrator steals another person’s identity to commit a crime. Examples of crimes committed through criminal identity theft include driving under the influence, shoplifting, drug possession, trespassing, probation or parole violations, and failure to appear in court. The thief may use stolen name, date of birth, SSN, or other identifying information to impersonate the victim. As a result, the victim may face criminal charges, and have a criminal record. Criminal identity theft can have a devastating impact on the victim’s life.

Child identity theft

Child identity theft is fraudulently using a child’s personal information to obtain financial gain. The question arises: why would someone want to pretend to be a child? Well, there are many reasons for that. Scammers can use a child’s Social Security Number (SSN) to claim them as a dependent, obtain a tax refund, open a line of credit, get a job, or even obtain a government ID. Making someone’s child a tool in illegal credit obtaining or tax refunds is rather cynical, but fraudsters involved in such schemes never had strict moral rules.

Synthetic identity theft

Synthetic identity theft means criminals create a new identity amalgamating real and fake information. They commonly steal real information, such as a Social Security number (SSN), and make up phony information. The latter is most commonly the name, address, or date of birth. Crooks obviously do it to mask a real identity in illegal activities. The thief can then use this synthetic identity to open credit accounts, get loans, or rent an apartment. Because the identity is new, credit bureaus or lenders may not flag it as fraudulent. This makes it easier for the thief to commit fraud without being caught.

How does it work?

While the number of identity theft methods is limited by the imagination of attackers. They can accomplish it either through physical contact with the victim or remotely. Somietimes, the attackers don’t need to do anything – the victim reveals all the necessary information themselves. The following are the most common examples:

Social engineering

By far, the unprecedented winner in successful identity theft is social engineering and phishing. Phishing involves tricking people into sharing sensitive information like usernames and passwords. Attackers often use social engineering tricks to manipulate emotions – most often greed and fear. They may send spoofed emails or text messages that appear to come from trusted sources. These messages urge recipients to take urgent action to verify payments or purchases. Clicking on the provided link will redirect users to a malicious login page designed to steal their login credentials.

Social media oversharing

The next point is very similar to the previous one, but the victim is the initiator here. There’s nothing wrong with wanting to share information on social media. However, users is essential to understand and choose what information to share and what should stay in private. Thus, oversharing on social media raises the risk of identity theft in case of a data breach. Facebook and Instagram have had bugs allowing access to the personal information of millions of users. To limit your exposure, check out our guide.

Malware and Exploits

Spyware and keyloggers steal personal information, such as usernames, passwords, and social security numbers. They can infect your computer through seemingly harmless software bundles or Trojans like Emotet, which can deliver spyware and other malware. Once infected, the spyware or keylogger sends your information to cybercriminals through C&C servers. Cybercriminals exploit software vulnerabilities to gain unauthorized access to a system and steal data. Researchers aim to report and patch these vulnerabilities in a race against criminals. Commonly exploited software includes operating systems, browsers, Adobe, and Microsoft Office applications.

Misplaced phones and wallets

Identity theft can occur when people lose their wallets, purses, or cell phones. Besides, crooks can steal them. Thieves can access important identification documents and sensitive information. And since smartphones commonly contain huge amounts of personal information, it is obvious that.

Data breaches

Data breaches refer to unauthorized access to a company’s database by hackers who target sensitive customer information. It includes names, addresses, social security numbers, and financial details. This can also be caused by SQL injection attacks or misconfigured access controls. SQL injection attacks exploit weaknesses in how websites interact with SQL databases, allowing hackers to access sensitive information. The alternative to this is misconfigured access controls that can accidentally make private information public.

Who is the primary target?

Identity theft can happen to anyone, but some groups are more vulnerable than others. For example, seniors are often targeted because they may be less familiar with technology and more trusting of unsolicited communications. People with good credit histories are also at risk since criminals can open new credit accounts in their name and make unauthorized purchases. Those with higher incomes may also be targeted as they have more financial resources to exploit. Children are also vulnerable targets as their personal information can be used for fraud over an extended period before being detected since they usually don’t have a financial history.

What can I do if I’m a victim of identity theft?

If you’re a victim, use this checklist to mitigate:

• Start by cleaning your computer. The first thing we recommend performing is a full scan of your device. Scan your system for threats using a good cybersecurity program such as Gridinsoft Anti-Malware. This will provide clarity and insight into whether the threat came from the infected device.
• Next, change your passwords. Whether or not you have malware on your device, intruders already have compromised your accounts. We recommend changing your passwords to prevent attackers from accessing your accounts. Please avoid reusing passwords across sites. Consider using a password manager for unique alphanumeric passwords and to detect spoofed websites.
• Enable MFA or 2FA. 2FA is an effective line of defense against unauthorized access. The attacker must enter a confirmation code if the account login and password are compromised. Since this code is usually sent to your other devices, it reduces the chance of an attacker gaining access to the account.
• Report stolen or lost cards. We strongly recommend contacting your bank ASAP if you lose your plastic bank card. Bank employees will block the card, thus preventing intruders from using it. You can also request to have your card reissued on your bank’s mobile app. It will take a few minutes; you can link the new card to Apple Pay or Google Pay and continue using it.
• File a report with the FTC. You’ll need it to obtain a seven-year fraud alert from the credit bureaus and remove fraudulent accounts from your credit file. You can file another report with your local law enforcement agency only if your creditors demand it or you know the identity thief personally. You can dispute wrong information on your credit report under the Fair Credit Reporting Act. If the reporting agency doesn’t fix it within 30 days, file a complaint with the Consumer Financial Protection Bureau.
• Be careful of phishing emails. It is crucial to keep a close eye on your email inbox. Opportunistic cybercriminals know that many individuals whose accounts have been breached expect to receive some form of communication regarding the incident. These scammers will take advantage of the situation by sending out fake emails that trick you into providing your personal information. It is, therefore, essential to be vigilant and cautious when receiving such emails.

In addition to the above, we have a article dedicated to Identity Theft traits. In it, we describe how to protect against Identity Theft in more detail.

The post What Is Identity Theft & How to Protect Against It appeared first on Gridinsoft Blog.

What is credentials theft?

Credentials theft mostly says for itself, but in the context of email spam, things are not that straightforward. Being the subcategory of phishing, credentials theft supposes the use of a spoofed website that contains a login form. Aside from repeating the design of a login form, hackers try to create a convincing message that forces the victim to follow the link. The justification for that may be different. Such a message may ask you to join the online meeting or submit the vacation dates – they try to look naturally. Once the victim types their credentials in the form and presses the login button, hackers receive all the data. Still, it is as easy as you may think of it.

The one particular vector of credentials theft that has become exceptionally popular throughout the last year is business emails. As you may guess, compromising personal email is not that profitable, even though it is still prevalent among credential theft attacks. By stealing business emails or accounts, hackers open new, more effective attack vectors, such as spear phishing and whaling. Nonetheless, compromised business accounts are rarely used by the same crooks who perform credentials theft. Instead, such data is sold on the Darknet in a database of the same compromised accounts for a hefty sum.

Modern Credentials Theft Methods

Customising the emails to fit the current agenda, bait the user to follow the link – all these things have not changed much since the very beginning of email spam usage for credential theft. But that is not a story of the way hackers extract the credentials from the spoofed login form. I’ve mentioned that extracting the data is not just about “click the button – send the creds”. In fact, things have got an unexpected twist.

Popular way to send the data to the server from the past – a PHP file formed on the site – is quite easy to block. Most network security applications now block such a way of data sending, as it is considered unsafe even when no malicious intents are suspected. More novice approach – through using Telegram Messenger’s API – is quite easy to block either. To avoid the possible blocks from advanced security solutions, hackers started using an API of a legit mailing service EmailJS.

The API of EmailJS allows for automated email sending, using only the credentials and client-side code. It is quite convenient for spreading templated predefined emails. However, some hackers implemented the API to send the email with data from login form from the compromised site directly to their email. Since the service is recognized as legit, and is used fairly often, blocking it is not an option. Yet meanwhile, hackers keep receiving email credentials without any flaws.

Dangers of Credential Theft

Obviously, sharing access to the email account with a third party is a pretty bad situation. Things become even worse when we talk about compromised business emails – and they are targeted quite often, as I’ve already mentioned. Depending on the type of compromised account, the application may differ, though the instrumentary that hackers apply for using compromised accounts are the same for most cases.

Accounts of home users or ordinary employees are, eventually, the least valuable. Hackers may use them to spread random spam. The efficiency of such mailing may still be slightly higher than during the random account usage – just because these guys’ colleagues and relatives may eat the bait thinking that the message is legitimate.

Accounts of high-tier employees, local celebrities or even top executives are of the biggest value. Such accounts are sometimes traded alone, with the price tag of hundreds of dollars. And such prices are justified, as the guise of mentioned persons can bring hackers much bigger money in return. In this case, more sophisticated email messages are sent, often customised to the topic the recipient may expect from the sender.

Credential Theft Prevention Methods

Well, the question of preventing credential theft and providing suitable protection against it exists for a long time. For that reason, I will not repeat trivial advice like “change passwords” or “don’t follow phishing links”. Instead, I’ll try giving less popular yet effective tips.

Apply using email protection tools. There are plenty of them, though these solutions are spread as add-ons to a stand-alone anti-malware software. Such tools monitor all the attached elements, both links and files, in order to detect whether they contain any malicious things. The problem here is that such add-ons are mostly available to corporate security solutions.

Another approach towards decreasing the probability of successful phishing is using network security tools. Particularly, NDR solutions can effectively detect and weed out potentially dangerous traffic. Ones that apply zero-trust and will effectively deal with the misuse of the aforementioned API are preferred. Overall, NDRs are recommended for implementation in large networks, as it may be troublesome to control it with less advanced tools.

For single users: use anti-malware programs with an advanced network filter. Detecting phishing pages like ones used in credentials theft may not be easy manually, so it is better to give it to a specialised security software. GridinSoft Anti-Malware may offer you such functionality – its network filter is updated each hour, so it won’t miss any malignant sites.

The post Credentials Theft is On The Rise appeared first on Gridinsoft Blog.

Identity theft prevention

Unfortunately, millions of people fall victim to identity theft every year, whether it’s stolen credit card numbers or fraudulent accounts. It’s big business for identity thieves – resulting in tens of billions of dollars stolen each year. Dealing with this problem can be a long and challenging process, so it’s much better if you take steps to avoid it. Below, we’ll show you how to prevent some potential problems.

Use Two-Factor Authentication

Many people are used to storing personal data in one place. This means that if hackers hack into one online service, they can use the information they find to hack into others. For example, suppose your primary email account is compromised. In that case, a hacker could use it to gain access to other services you use by simply requesting password recovery. However, with two-factor authentication (2FA) enabled, a hacker with access to your password still won’t be able to access your most important accounts. Two-factor authentication adds another step in confirming a push notification on your smartphone.

However, if you use the same password for all of your accounts, two-factor email-based authentication won’t help. In that case, the hacker will have access to the confirmation emails. It’s more effective to use an SMS notification or 2FA app-based solution. You’ll need physical access to your phone to log into your account, making it very difficult for hackers to access it. Such security measures are significant when you use services with access to sensitive records, such as bank account information or medical records. However, it is important to be sure in your 2FA provider and the place you’re using it. There are enough cases when a vulnerable mechanism of two-factor auth led to a data breach.

Guard Your Personal Info

Your personal information can be precious to hackers, so don’t give it to strangers. Be careful of people sending you unusual messages. By accessing a friend’s address book, interested people may contact you on their behalf to get more information about you. Many sites also try to gather as much information about you as possible. The problem is that if someone gains unauthorized access to this information, they can impersonate you. You can mitigate this by trying to provide as little information as possible. Don’t give out additional information; sign up for services using a disposable email address. If the site asks you for the information, you don’t want to disclose, vote with your mouse, or sign up elsewhere.

Control what you post on social media

Sharing your messages and photos with your friends on social media is fun. However, you can share them with identity thieves if you’re not careful. Therefore, it’s essential to protect your social networks correctly. Check your privacy settings occasionally, as social media services like to make changes. Be careful about what you publish on social media. Criminals are very careful and will be happy to look through your posts for anything that scammers can use to steal your credentials or hack your accounts.

Beware of unwanted downloads

You should also be careful when downloading smartphone apps, especially paying attention to the permissions they ask for. Usually, the system asks what information the new app can access. It’s easiest to click “allow,” but don’t be in a hurry to give the app all the permissions. Also, keep an eye on what you install on your computer, as many software installers trying to bring additional software on your computer will, at best, notify you about it. Malware usually comes from warez versions of hacked applications.

Use a Password Manager

Choosing a password is difficult because sites ask you to enter numbers, symbols, and capital letters everywhere. This is probably why users often choose one password and use it on all sites. However, if someone discovers it, they can take over your entire online life and cause you much trouble. In this case, a password manager comes in handy because it can generate, store and enter long passwords for the services you use on your behalf. If you are tired of trying to remember dozens of long and complex passwords, consider several password managers and choose the one that meets your needs.

Keep Your Software Updated

Software bugs are found regularly, and these security holes can allow hackers to break into your computer. Keep your OS updated, and use the latest versions of your software. You should also check the privacy settings on your OS and devices. For example, you can adjust email settings to protect your personal or financial information. Since links to images in emails can leak your IP address and other data to hackers, we recommend you disable the automatic display of images in your email client.

Wipe data on the device before disposing of it

Before you recycle or give away your old computer, smartphone, or tablet, immediately erase all data from the hard drive. Used devices often retain outdated data from their previous owners even when they end up in the wrong hands. Next, you should use the device’s built-in data cleansing features, such as a factory reset. That’s enough for a personal device, but if it stores sensitive information, consider using third-party tools to clean it as profoundly as possible.

Use an Antivirus

A successful malware attack is usually the first step in enabling a cybercriminal to execute an identity theft successfully, so you should avoid compromising malware in the first place. Your security software should be able to resist all types of malware. However, such protection only comes with advanced software such as GridinSoft AntiMalware. Usually, free antivirus software is not enough to protect against the many threats that exist on the Internet.

Check for Data Breaches

If you use the Internet, you have multiple accounts on different services. Each new version you create adds another opportunity for an attack if it is not adequately protected. Unfortunately, companies regularly suffer from data breaches, which puts your data at risk of being collected and sold on the Darknet. Even if you’ve done your best to beef up your security, some companies aren’t always as thorough in protecting your personal information. If you suspect your leaked data, you can check it out at haveibeenpwned.com. Just enter your e-mail address to find out if you’ve been hacked.

Beware of using Unsecured Public WiFi

You risk your data using public WiFi networks, such as cafes and airports. Public WiFi networks do not have strong privacy protections, making them popular places for cybercriminals. Passwords to public WiFi networks are available to anyone who asks for them, and hackers are no exception. Because hackers use tools like Wireshark to monitor the online activity of everyone on public networks, they can launch man-in-the-middle attacks, spread malware, and even create malicious WiFi hotspots. The best way to protect yourself on a public network is to use a VPN. A VPN protects your information by encrypting all of your device’s traffic. It also hides your identity on the Internet, allowing you to browse it anonymously. Simply put, a VPN provides an encrypted server and hides your IP address from corporations, government agencies, and potential hackers. It also hides your traffic from the Internet service provider. Encryption adds a layer of security, which is especially relevant for companies that use remote access.

Although the above tips are practical, you cannot protect yourself 100% online or offline. Scammers consistently devise new ways to steal identities but are vigilant. It will keep all risks to a minimum.

The post Signs of Identity Theft: How to Prevent It? appeared first on Gridinsoft Blog.