Welcome to the July 2022 issue of Incognito, a monthly newsletter from DeleteMe that keeps you posted on all things privacy and security.
Here’s what we’re talking about this month:
If you know someone who might enjoy learning more about data privacy, feel free to forward them this newsletter.
Google searches for “avoid ID theft” are up by a whopping 1,600% since last year, says a recent McAfee report.
Sadly, this isn’t surprising.
With ID theft happening every two seconds and affecting about 1 in 20 Americans yearly, everyone needs to know how to stay ahead of identity thieves.
42 million. That’s how many Americans were impacted by identity theft in 2021, according to a recent survey by Javelin Strategy & Research.
Of these, 15 million experienced what can be described as “traditional identity fraud,” i.e., most individuals had no clue how or where thieves got their personal information. The rest fell prey to “identity fraud scams,” i.e., criminals tricked victims into sharing their personal details with them via phone calls, text messages, emails, and other fraudulent communications.
When it comes to stealing someone’s identity, there are multiple reasons why a criminal may choose to do so. Nevertheless, the most popular motive for identity theft is money.
However, the volume of account takeovers, where threat actors steal your login credentials and then change them so you can’t log back in, also rose last year. In fact, losses associated with this particular category of identity theft jumped by 90%.
Ask the average person what they associate ID theft with, and their answer is likely to include things like “stolen money,” “bad credit,” and “hours and hours of paperwork.”
This isn’t far off the mark. Going back to the Javelin Strategy & Research study, the average victim in a traditional ID theft crime last year lost $1,551.
But your bank balance and credit score are not the only things that may get hurt by identity theft. The consequences of ID theft can be varied and far-ranging and may also include medical misdiagnosis/inability to get urgent medical care (in the case of medical ID theft), missed job opportunities (employment ID theft), a criminal record (criminal identity theft), and foreclosure (real estate fraud).
While anyone can fall victim to identity theft, certain factors can increase the likelihood of having your identity stolen. If you meet the following criteria, you may want to take serious steps to protect your identity:
Generation: Gen X, followed by Millennials and baby boomers. Gen Z have the lowest likelihood of becoming victims of identity theft, found McAfee—or at least of filing a report.
State: Georgia, Illinois, Kansas, Louisiana, or Rhode Island.
Metro area: Providence, Rhode Island; Lawrence, Kansas; Topeka, Kansas; Wichita, Kansas; Lafayette, Louisiana.
Income: Over $50,000.
Education: College degree or postgraduate qualification.
According to McAfee, certain generations are also more likely to fall for specific types of ID theft. For instance, since baby boomers are more likely to benefit from government programs, they tend to be an easy target for benefits fraud scams. In contrast, generations that have grown up with the internet and online shopping are more vulnerable to credit card fraud.
Identity theft happens when 1) criminals find/steal your personal information and 2) use it to pretend to be you.
Unfortunately, in today’s world, acquiring someone else’s personal data couldn’t be simpler. Some thieves find personal data through data breaches or the dark web. Others resort to phishing campaigns, trickery, and even physical theft (for example, digging through your trash). But most of the time, malicious actors can get all the information they need to commit identity theft with a simple Google search.
Because data brokers and people search sites have detailed profiles on millions of Americans, anyone can access your personal information for a small fee/free and then use it to impersonate you. Although this usually happens in the shadows without anyone knowing, there have been reported cases of identity thieves using data broker services.
Even seemingly benign information, like the city you were born in or your partner’s name, can make it easier for criminals to pretend to be you when they interact with official institutions or break into your accounts (via security questions). Having access to a few choice pieces of information can even help fraudsters trick you into handing them missing pieces of data they need to successfully carry out their scheme.
The surest way to decrease your chances of falling prey to identity theft is to reduce the amount of your personal information findable online. Most identity thieves go for easy targets. The harder it is for them to find out anything about you, the less likely they are to steal your identity.
At a basic level, this means opting out of data brokers and people search sites. However, you should also be wary of the type of information you share about yourself elsewhere on the web, be it on social media, forums, or a personal blog.
Other steps you should take include:
Enabling multi-factor authentication. Even if thieves can bypass your security questions with information they find on data broker sites, they still won’t be able to log into your accounts (at least, not easily).
Watching your post box and shredding your mail. If you’re going to be out of town, have your mail held, and always shred mail that contains your personal data before you throw it out.
Use masked cards to pay online. That way, data breaches, even those that expose your credit card information, won’t affect you as much.
Be vigilant and never give out personal information. Be wary of phone calls or emails asking you for personal information, especially during tax time.
Monitor your accounts following a data breach. Data breaches are inevitable. When you find out that you’ve been affected, determine what data was taken and monitor your accounts for fraudulent charges. You may also want to place a credit freeze on your files.
Our recent favorites to keep you up to date in today’s digital privacy landscape.
More Than 1.5 Million Customers Affected In Flagstar Data Breach
One of the largest mortgage lenders in the US, Flagstar Bank, suffered a data breach late last year that impacted over 1.5 million users. The breach was not discovered until June 2022, which is when the bank notified its customers. Attackers accessed sensitive user data, including their Social Security numbers. This is Flagstar’s second cyber incident in two years.
Beware New Voicemail Phishing Email Scam
Scammers are sending out fake voicemail email notifications to employees at US-based organizations. Their aim? To steal employees’ Outlook and Office365 login details. To make the email appear more believable, cybercriminals mention the name of the company their victim works for in the sender’s email address. Targeted sectors include the military, healthcare, software security, and manufacturing (among others).
Privacy-Conscious Users Switching Between Period Tracking Apps
Following Wade v. Roe ruling, which removes abortion rights in some states, users are ditching their current period tracking apps for ones they think have better data security and privacy practices. For example, period tracker app Stardust recently experienced a 6,000% increase in installs, whereas Clue downloads shot up by 2,200%. However, some of these apps are not as private as consumers may believe.
FTC Warns LGBTQ+ Community of Dating App Extortion Scams
The US Federal Trade Commission (FTC) advised users of LGBTQ+ dating apps, like Grindr and FeelD, to be on the alert for extortion scams. The scam involves criminals pretending to be potential romantic partners, sending explicit photos, and asking the recipient to reciprocate. If they do, the fraudster attempts to extort them by threatening to expose their photos to their family, employer, or friends.
Here are some of the questions our readers asked us last month.
Q: I read that browser extensions can make you more “trackable.” Is that true?
A: It is true. New research suggests that browser extensions can be used to track individuals online.
To see how identifiable you are on the web, you can use Cover Your Tracks, a tool built by the Electronic Frontier Foundation to help users understand what information about what they do online is visible to trackers.
Q: Is Chrome really as bad for privacy as everyone makes it out to be?
A: Yes. Even though Chrome is by far the most popular browser (used by nearly 65% of people browsing the internet) and gets regular security updates, it is pretty terrible from a privacy perspective.
The reason why is that it belongs to Google, a company that makes over 80% of its revenue from ads and is notorious for its data collection practices.
Chrome collects information like your location, user identifiers, search and browsing history, and product interaction. This is done for “personalization” purposes, for example, so that you can link your bookmarks to your Google Account. This data is then connected to individuals and devices, which means that Google can build up a detailed and accurate profile about you. If you use other Google products, like Google Maps or an Android phone, this profile becomes even more elaborate.
While there are certain things you can do to make Chrome more private, for instance, blocking third-party cookies, you’re probably better off switching to a different, more privacy-focused browser, like Brave or Firefox.
We’d love to hear your thoughts about all things data privacy.
Get in touch with us. We love getting emails from our readers (or tweet us @Abine or @DeleteMe).
Share with friends! If you know someone who might enjoy learning more about data privacy, feel free to forward them this newsletter. If you’d like to subscribe to the newsletter, use this link.
Let us know. Have you ever been a victim of ID theft? Are there any specific data privacy topics you’d like us to explore in the upcoming issues of Incognito?
That’s it for this issue of Incognito! Stay safe and we’ll see you in your inbox next month.
DeleteMe is our premium privacy service that removes you from more than 30 data brokers like Whitepages, Spokeo, BeenVerified, plus many more.
Save 20% on DeleteMe when you use the code DIYPRIVACY.
Our privacy advisors:
Save 20% on any individual and family privacy plan with code: BLOG20