3 Risky Scenarios For Your Identity Online

Since we use real data to create our digital identity (social security number, name, address, email addresses, and social media channels), we can see it is a bridge between the virtual and the real world.

Now, most online users know not to make sensitive information public. Still, this can’t be helped when working with services like online banking, health organizations, online shopping, or your workplace (among others). Due to the fast development of internet services, we can do most of our tasks & chores online. And, in most cases, we are safe from the prying eyes of ill-intended actors.

Of course, there are exceptions. Moreover, the last couple of years brought a new level of threats aimed at a wide range of organizations and individuals. And all this happened on a background of increasing instability all over the world.

For instance, at the beginning of 2020, ill-intended actors exploited people’s fear and need for knowledge related to the pandemic. As a result, many individuals simply handed over their personal data to dark web dwellers, in schemes that may not be as effective during times of stability.

Therefore, in an effort to increase awareness of online identity thefts and how they happen, here are the top three most common scenarios that everyone should be aware of.

#1: Good Old Phishing

This is an old scam that’s still highly efficient today. In short, the user receives an email from an official-looking government department (the FBI or the IRS, to make sure the user pays attention). In the email, the user is required to confirm their identity by clicking a link that leads to a data confirmation form on the so-called official website (a copied version of the site, but with a different URL).

The user will introduce the requested data, at which point they will be notified the confirmation was successful. However, in the background, the data go to the criminals’ database. Therefore, they now have full access to your account and extra personal information to complete your profile (fully completed profiles sell well on the dark web market).

Pay attention: Recently, phishing attacks target financial data and credentials for your bank accounts.

How to Avoid this Scenario

Never click on links received via email, even if the email seems 100% legit. If the email asks for immediate action, call your bank or organization using a phone number you trust (from their official website). Talk to one of their representatives and ask about the email.

Also, there are other ways to avoid identity theft, especially when it comes to financial information.

#2: Email Account Take Over

Our main email address is extremely important nowadays. We use it to connect to our smartphones and sync our data from multiple devices. We also use it as a recovery method for other accounts and to create secure cloud accounts.

So, it is only natural that email addresses and passwords are extremely valuable on the dark market. Sadly, many people don’t understand the power of two-factor authentication or don’t want to be bothered by it. Therefore, email hacking is common, especially when you use weak passwords.

When an account is hacked, the actor behind it will take over the account. And, before anything else they can employ a cheap scheme that almost always works. The hacker will send out a mass email to your list of friends, saying you are stranded in a third-world country, without a phone or wallet. To help you out, the friend should wire a certain sum (usually $1000) to the given account.

How to Avoid this Scenario

The first step is to activate two-factor authentication and make sure you use strong passwords. Second, if you receive an email saying your friend is stranded somewhere, first call them. They may not be aware that their account was taken over. Also, look for grammar mistakes and odd phrases – cybercriminals don’t tend to pay attention to grammar.

#3: New Account Fraud

Data breaches are the main method used by cybercriminals to extract valuable information. This is how they can get hold of your name, address, phone number, SSN, bank account, and more. Once they have a complete profile, it is easy to open a new bank account, apply for a loan or credit card, or contract utility services in your name.

How to Avoid this Scenario

Once you’re informed one of your accounts may be part of a data breach, immediately change the password for the account. Also, never use the same password for multiple accounts!

Key Takeaways

Online identity theft is a process. Even more, it’s a crime that’s difficult to identify when it starts and difficult to track when it’s discovered. Therefore, the best method of protection is prevention. Take your online life seriously and don’t be stingy on passwords!

Aug 31, 2021Chris Price

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Advertisement" category.
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__atuvc	1 year 1 month	AddThis sets this cookie to ensure that the updated count is seen when one shares a page and returns to it before the share count cache is updated.
__atuvs	30 minutes	AddThis sets this cookie to ensure that the updated count is seen when one shares a page and returns to it before the share count cache is updated.

Cookie	Duration	Description
at-rand	never	AddThis sets this cookie to track page visits, sources of traffic and share counts.
disqus_unique	1 year	Set to record internal statistics for anonymous visitors.
uvc	1 year 1 month	addthis.com sets this cookie to determine the usage of addthis.com service.
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_gat_gtag_UA_*	1 minute	Google Analytics sets this cookie to store a unique user ID.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_gid	1 day	Google Analytics sets this cookie to store information on how visitors use a website while also creating an analytics report of the website's performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously.
__gads	1 year 24 days	Google sets this cookie under the DoubleClick domain, tracks the number of times users see an advert, measures the campaign's success, and calculates its revenue. This cookie can only be read from the domain they are currently on and will not track any data while they are browsing other sites.

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies store information about how the user uses the website to present them with relevant ads according to the user profile.
loc	1 year 1 month	AddThis sets this geolocation cookie to help understand the location of users who share the information.
skimGUID	10 years	Set by Slimlinks, this cookie is a unique identifier provided to each device for log analysis to determine the number of unique users for various parts of skimresources.com.
test_cookie	15 minutes	doubleclick.net sets this cookie to determine if the user's browser supports cookies.
_ir	session	This is a Pinterest cookie that collects information on visitor behaviour on multiple websites. This information is used on the website, in order to optimize the relevance of advertisement.
__gpi	1 year 24 days	Google Ads Service uses this cookie to collect information about from multiple websites for retargeting ads.

Cookie	Duration	Description
wp_api	past	Description is currently not available.
wp_api_sec	past	Description is currently not available.
xtc	1 year 1 month	Description is currently not available.

#1: Good Old Phishing

How to Avoid this Scenario

#2: Email Account Take Over

How to Avoid this Scenario

#3: New Account Fraud

How to Avoid this Scenario

Key Takeaways

Share this:

Like this: