The number of people hit with identity fraud and the total monetary loss due to this crime increased dramatically in 2016 with more than 15 million people losing a combined $16 billion.
The 2017 Identity Fraud Study, by Javelin a product of Siber Systems, found that 15.4 million people, or about 6.1 percent of all consumers, in the United States were victimized in 2016, a 16 percent increase compared to 2015, with losses increasing by about $1 billion to $16 billion. While identity fraud is not entirely a cybersecurity issue, the vast majority of people found themselves affected due to something that happened online.
“After five years of relatively small growth or even decreases in fraud, this year's findings drives home that fraudsters never rest and when one areas is closed, they adapt and find new approaches,” said Al Pascual, senior vice president, research director and head of fraud & security, Javelin Strategy & Research.
The reasons cited in the report for the increase include more online shopping and poor cybersecurity hygiene and knowledge by those using social media.
Card not present (CNP) fraud increased 40 percent in 2016, primarily due to the increased use of online shopping. Account takeover fraud continued to increase last year with the amount lost jumping 61 percent to $2.3 billion and the number of incidents climbing 31 percent.
The introduction of EMV, or chip credit cards, helped keep point of sale fraud unchanged year over year, but their introduction has pushed fraudsters into a new area. Opening new banking accounts in the names of their victims. This trend pushed new-account fraud upward, although numbers were not supplied by Javelin.
People heavily into online shopping or social media are the primary victims of ID fraud. Facebook, Instagram and Twitter users manage to expose to cybercriminals much of the information they need in order to hack their life. People's proclivity of putting every detail of their life, their family and job online leave them open to a variety of scams.
Online shoppers also may end up exposing their information to criminals, although unlike social media mavens, their data is usually stolen from the companies where they shop.
This includes clicking on malvertising that could infect their computer with malware that takes their personal identifying information or they could innocently play a “take this quiz” game set up by a cybercrook that is designed to pull information that is often used for passwords or other security identifiers, like their college, hometown and interests," said Adam Levin, founder and chairman of CyberScout, to SC Media.
If one wants to avoid or minimize ID theft their best bet is to avoid the internet, the report said. By doing so they are able to bypass most of the pitfalls that trap the web-friendly. However, by not being digitally connected it often takes them much longer to discover, 40 days on average, that they have been victimized simply because they are removed from the best source of finding out what is going on. The internet.