A term that’s become commonplace in today’s world: identity theft or identity fraud. But the truth is, that identity theft in some capacity has been around for thousands of years. Any time a person impersonates someone else for the purpose of carrying out fraudulent activity, in particular financial, is a form of identity theft. As technology has developed in the 20th and 21st centuries, so too has crime. The digital revolution has also given criminals the opportunity to open a whole new world of cybercrime, but it didn’t start there.
Old School Identity Theft
Stealing someone’s identity has always been a tactic of criminals, even more so with the technological advancements of today’s digital world. Going all the way back to 1591, one of the most famous cases of identity theft occurred in Russia after Tsarevich Dmitry I was assassinated at the age of 8. A false Dmitry, whose real name was Grigory Otrepyev (False Dmitry I), claimed he had been hidden by family members all of his childhood after a faked assassination in order to protect his life. Needless to say, he was eventually called out and assassinated, but not before actually becoming the Tsar in 1605!
Fast forward to more modern times, mail has been a major tool for identity fraud. In the 1960s and 1970s, it accounted for nearly all forms of identity fraud. With the technological advancement of the telephone, came additional identity fraud- a tactic that’s still used today when scammers impersonate others in order to obtain financial or personal information. Even today, “dumpster diving” through people’s mail for personal information remains a favorite method for cybercriminals to gain access to accounts.
Another historical example of identity theft is voter fraud, a type of identity theft that continues even today in a lot of places. Identity theft has been used as a means to have more people vote in elections for a specific candidate. In modern times, voter fraud has developed to using the identities of deceased individuals or even using fake IDs in order to cast illegitimate ballots.
Fake IDs have also been a common form of identity fraud (or sometimes theft) used by criminals for something as innocent as underaged drinking, or as major as carrying out espionage activities in foreign countries. Many countries use the real identities of individuals from other countries to create fake identities or “synthetic” identities that use a mix of made-up and real personal information. Fake identities have also been used around the world to skirt immigration restrictions and regulations.
Identity Theft Today
With the rise of the internet and the digitization of the financial industry, of course, came the increase in online shopping and banking. This was a new era of fraud for criminals to take advantage of unsuspecting people which led to a wave of legislative moves to fight back against identity theft. In 1998, the US government passed the Identity Theft Assumption Deterrence Act which officially made identity theft a federal crime, and called on the FTC to track and address reports of identity fraud in the United States. But, as the internet and online shopping became mainstream, so too did identity theft.
In 2004, the US passed the Identity Theft Penalty Enhancement Act, which increased the penalties for various forms of identity theft from credit card fraud to social security fraud. In 2007, a presidential task force was created from 17 different government agencies in order to deal with the growing problem of identity fraud. This led to US Congress directing the FTC to issue an “Identity Theft Red Flags Rule”, requiring that creditors and financial institutions with specified account types develop and institute written identity theft prevention programs.” 2008 brought about the Identity Theft Enforcement and Restitution Act, which authorized restitution to identity theft victims for their time spent recovering from the harm caused by the actual or intended identity theft. Despite these legislative measures, from 2016 to 2018, victims of identity fraud lost a staggering $1.7 billion out of the consumer’s pockets.
Today, identity theft continues to pose new challenges as technology develops, but there are also advancements making it harder for cybercriminals to carry out their nefarious actions. For example, the credit card chip that has become common only in recent years brought down incidents of credit card fraud from $16.8 billion in 2017 to $14.7 billion in 2018.
With every technological advancement, there is a risk, but security teams around the world are catching up with the massive advancements in technology that criminals were initially able to take advantage of.
The Future of Identity Theft
Unfortunately, things are looking bright for cybercriminals, and more challenging for us as consumers. With the increased number of breaches to enterprises and businesses, it’s our personal data that’s being stolen. That information is later sold on the Darkweb to the highest bidder and used by increasingly more sophisticated attackers. They use it to open credit cards in our name, hack into our bank accounts, and ultimately steal our money. Hackers are also increasingly trying to get into our email accounts, as it has become a major way of assessing and verifying login information for financial accounts.
Even more concerning, new technologies are being used for fraud accounts that require 2-factor authentication through a “SIM Swap.” They also rely on AI and use simple tools to guess passwords based on basic social engineering, such as obtaining the names of your children or their dates of birth, as a common password. Every day, cybercriminals are investing in a hi-tech “business” of their own with rapidly advancing technology that is improving identity theft. Fraudsters abuse the same technologies that we are using to make our life simpler and more efficient. It’s up to us to take back the narrative and ensure cybercriminals can’t take advantage of the tools we use to improve our lives.
Curious about whether your information is for sale on the DarkNet? Email [email protected] for a free report on your data and how to update your security settings.