Five big mistakes that could make you a victim of identity theft
Identity theft is incredibly common in Britain today. Fraud accounts for 40% of offences in England and Wales, with 64% of those cases being identity fraud, according to official figures.
Research by the cybersecurity watchdog the National Cyber Security Centre (NCSC) found that 80% of fraud is now ‘cyber-enabled’, where criminals scour the internet for information on people before stealing identities and committing fraud.
In a time when people frequently share personal information online, what are the biggest mistakes people can make which lead to identity theft? Yahoo News spoke to some top cybersecurity experts.
Sharing images that show who you are
Think carefully before you share images like concert tickets or yourself at work on social media, advises Javvad Malik, lead security awareness advocate at KnowBe4.
"Social media users may feel excited to be going on holiday or to a concert or event, but taking pictures of boarding passes, concert tickets or similar may reveal information like names, date of birth or addresses, not to mention let criminals know they’re not at home," says Malik.
Sharing an image of your workplace can reveal large amounts of potentially identifying information that could also open up you (or your employer) to cybercriminals.
Signing up to thousands of online services
Every time you sign up to an online service that requires your name and address or phone number, you increase the risk of these details leaking in a cyber breach. You should avoid giving out this information unless really necessary, warns Malik.
You should also be wary of sites that ask for details such as full name, date of birth, address and mobile number as a condition of signing up. He observes, "For non-essential accounts, users shouldn’t have to feel like they need to give this information away when it is not legally required."
Using your football team as a password
For ‘less important’ online accounts, many of us still use very obvious passwords such as the names of football teams or pets.
The NCSC found the password 'Liverpool' had been used 280,723 times and ‘Chelsea’ 216,677 times in just one trove of passwords leaked from major cyber breaches.
Simon Newman, co-founder of Cyber London and International Cyber Expo Advisory Council member, says, "Many people still use the same password for multiple accounts. Setting up two-step verification (2SV), is a way of 'double checking' that you really are the person you are claiming to be when logging into online services, such as banking, email or social media.
"It only takes a few seconds to set up, but makes it significantly harder for the cyber-criminal to access your accounts."
Doing quizzes online or on social media
Doing seemingly innocent quizzes online can give criminals enough information to assemble a fake identity, warns Brian Higgins, security specialist at Comparitech.
Higgins says, "A famous example on Facebook a while ago was, 'What’s your Hobbit name?'"
"These days there are plenty doing the rounds on other platforms that ask for images instead – 'post your ‘90s self' etc – which are clearly designed to build more sophisticated deepfake content."
Using public wifi hotspots
Unsecured public wifi hotspots can pose serious security risks, warns Chris Hauk, consumer privacy champion at Pixel Privacy.
Hauk says, "Many people also use unsecured routers, either at a wifi hotspot at a coffee shop or at home. Many wifi hotspots are not password-protected to offer convenience of use.
"Unfortunately, this means that unless you're using a VPN, your online activities could be monitored or intercepted."
Read more
Companies play catch-up on cybersecurity (Bloomberg)
How to keep children safe on mobile phones(Yahoo News)
Head teachers warned on cyber risk(National World)