Australians are intensely vulnerable to scams. In the ACCC’s annual targeting scams report (2021), the consumer watchdog found that across Scamwatch, ReportCyber, 12 financial institutions and government agencies, a total of over $2 billion was reported as stolen in the last year.
These scams disproportionately affect older citizens, with the 65+ age demographic filing the most reports, and the 45-54, 55-64 and 65+ demographics reporting the greatest percentage of loses to scams. Within Scamwatch alone, the biggest source of the loss was investment scams, followed by dating & romance scams, false billing and remote access scams, but elsewhere other scams were reported to be more common. For example, another report found that one in four Australians have fallen victim to identity fraud.
According to that report, the individual impact of identity fraud is relatively mild – the misuse of personal information costs the average victim $300 on average. However, it also takes 34 hours to deal with the fallout from the fraud, and can cause extreme anxiety. There’s also the potential that, over time, the theft of identity can result in damaged credit scores, illegal behaviour being conducted in that person’s name, and other intangible costs.
It's impossible to decouple from the Internet, where the bulk of scams occur. Too much of modern life happens online. With that in mind, it’s important that every Australian redouble their efforts to protect themselves from scams and, particularly, identity fraud.
Why Identity Fraud Occurs
For the criminal, identity fraud can be a relatively simple two-step process:
- Firstly, the criminal will acquire personal data. This is much easier than many realise. Simply finding your social media profiles (including the ones that you yourself have forgotten about), and scraping them for key pieces of information such as birthdays, your location, your place of work & job title, and so on.
- Secondly, the criminal will then use that identity to open new accounts or take over existing accounts with what the information allows them to. It can be frightening just how little information is needed to convince a phone company to transfer your number to their device, and from there use the phone as a two-factor authentication device to get access to your email, for example. Once they’re in there they’ll be able to track down more personal information, and potentially enough to contact banks to start taking out loans in your name.
Perhaps the most frightening thing about identity theft is that it can be a long time before you’ll notice something is amiss. Often it’s not until you’re being turned down for loans on the basis of a poor credit score, or have debt collectors starting to investigate you, that you’ll realise that someone has managed to get enough information on you to commit identity fraud.
Protecting Yourself From The Threat
The reality is that identity theft is not like malware or more traditional IT security challenges, in that a lot of the time the criminal isn’t successful by installing malicious code on your device. In many cases they’ll instead use social engineering techniques, as well as online research skills, to track down the information that they need to start taking over accounts.
Leading security vendors understand this and ensure that their solutions go beyond protection against viruses and malware. For example, Norton 360 features subscription models that will help ward against information-gathering activities with SafeCam (preventing someone gaining access to your webcam and, potentially seeing usable information in your home space), and Secure VPN (to add a layer of encryption in all interactions online).
Most critically, Norton 360’s Dark Web Monitoring keeps a close eye on the seedy underbelly of the Internet, where personal information is traded freely, and will alert you if your data has ever been compromised. This allows you to get the jump on potential fraudsters by doing everything from changing your passwords, to notifying your banks and phone companies, right through to freezing your credit if it looks like the data being compromised is that risky.
Finally, it’s important to be vigilant and notice signs of identity theft, even if, at the time, they seem incidental and don’t have an impact on you in the immediate term. As noted on a Norton blog, the seven most common signs of identity theft are:
- Your financial statements have discrepancies, or your bank statement shows purchases or withdrawals you didn’t make.
- You get calls from credit and debt collectors about charges you didn’t make.
- The ATO sends you a letter informing you that more than one tax return was filed in your name.
- There are unfamiliar charges on your credit card statement. Sometimes thieves start with small charges around $5 to test that the card will work before making larger purchases.
- You receive major bills for services you didn’t receive.
- You don't get bills in the mail. This could mean someone has stolen your data and changed your billing address.
- You're turned down for a loan. If you typically have strong credit and expect to be approved for the loan, this could mean an identity thief took out loans in your name and damaged your credit.
If any of these occur to you, you should immediately contact the bank or relevant government department, as they will have a process in place for investigating identity theft, and protecting you as they do so.
Finally, if you should ever be the target of identify theft, you should report it to the ACCC and associated bodies. As many as a third of scam victims don’t report the crime, but the more accurate data that’s available, the better the support that will be available for victims into the future.