Identity fraud is when someone uses an individual’s personal information without permission, usually to achieve a material benefit. Examples of identity fraud include an unauthorized individual using the victim’s identity to perform illegal actions, obtain documents, or access the victim’s bank account.
The victim might only become aware of the fraud when related mail arrives, such as an invoice or bill for something the perpetrator ordered. For example, an individual might receive a letter from a debt collector for a debt for something they never purchased.
Identity theft is when a criminal obtains the necessary personal information about an individual to impersonate the victim. The perpetrator can use identity details (i.e., name, address, date of birth, etc.) to commit fraud, illegal activity, or unauthorized actions in the victim’s name.
For example, the criminal may use the victim’s identity to take out a credit card or open a new bank account. In some cases, identity theft targets deceased individuals.
The fraud carried out using identity theft can impact the victim’s credit rating, making it difficult to take out new credit cards or loans and directly damaging the victim’s finances.
This article is part of our series of articles about identity verification.
In this article:
Identity fraud and theft are related but distinct, though many use these terms interchangeably. While fraud relates to the misuse of the victim’s personal information or existing accounts, identity theft involves leveraging this stolen information to pretend to be the victim, for example, to open new accounts.
If you are the victim of a data breach and the hackers stole your information, you would be vulnerable to identity fraud and theft. For example, if the attacker uses your payment card details to make an unauthorized purchase, this amounts to identity fraud. Likewise, if the attacker uses your information to apply for a new credit card or find a job, this is identity theft. Identity theft thus requires identity fraud, but not all copy leads to identity theft.
Cybercriminals can now use advanced technologies to commit large-scale identity theft, such as compromising the computer systems of businesses or government agencies to steal data about millions of individuals. They can commit various crimes using this stolen personal information, including names, Social Security numbers, and other details.
Some of the main methods used to steal personal information include:
There are many types of identity fraud, although most of them fall into one of six main categories as defined by the US Federal Trade Commission:
Criminal identity fraud is an additional form of identity fraud that involves the perpetrator of an illegal action claiming to be another person when arrested. For example, the fraudster might use the identifying information of an actual individual to make the impersonation more realistic.
The following best practice can help protect an organization and its customers from identity theft and fraud.
Organizations should use several system security layers to ensure that individuals can access company information only if they have a specific need for it. For example, users should never share accounts, and every account must only have access to suitable systems. In addition, all access should be revoked after an employee leaves the company or moves to a new role.
Related content: Read our guide to identity verification services
Threat actors often use mail theft as an entry point for stealing business information. Therefore, organizations should digitally request bank statements, human resources files, credit card bills, and other valuable information instead of via mail. While becoming completely paperless is not an option for all organizations, switching to digital financial information can help minimize risks, shift to digital accounting and statements, and save money and time.
Organizations that retain paper records should keep their papers secure and locked. Only authorized stakeholders can access the information, for example, by using a locked filing cabinet or a cabinets system. For additional security, organizations put the locked file storage in a secure or locked area requiring a second level of access or use a safe or vault.
Organizations should keep business data secure by monitoring business credit reports. Basic security involves getting alerts from the government when a party tampers with these records. Additionally, organizations should quickly monitor business credit to identify suspicious activity and issues. Monitoring helps catch and fix issues on time before they escalate.
BlueCheck’s industry-leading identity verification infrastructure enables merchants to grow their business faster. As we serve a wide variety of industries, our solutions are custom-tailored to the unique needs of our customers, including PACT Act and eCommerce compliant offerings.
Schedule a call today with a BlueCheck specialist to learn more about our Age & ID Verification solutions.
{{cta('4e98f851-86a4-412f-97b5-dc3da3803811','justifycenter')}}