With such a wide range of ways to steal personal ID at their fingertips - from burglary and visual theft to phishing and other common email scams - it's no wonder identity thieves continue to cause havoc in and out of the workplace.
According to latest figures from fraud prevention service Cifas, there are around 500 incidents of identity theft every day in the UK. During the first six months of 2017 year there were a record 89,000 identity theft crimes recorded.
What are the most common fraud schemes that identity thieves use to steal personal information?
- Phishing scams are bogus emails and text and phone messages that lure victims to open an attachment, click on a link to a fake website, and provide more confidential information. A recent spear phishing report in the US showed that the average employee gets at least one of these risky emails per day. Prevention: Install the latest and best IT safeguards. Provide security awareness training. Do not respond to suspicious or urgent requests for information.
- Skimming is when a device is configured to secretly steal credit or debit card numbers. Criminals use illegal devices in ATM machines, or a ‘salesman’ may swipe the card onto a digital card reader. Prevention: Be mindful when using these cards. If anything feels suspicious, don’t use the machine. Keep track of financial accounts.
- Pretexting is a form of social engineering where thieves create a pretext or fabricated scenario in order to try and steal the victim’s personal information. They often say they need certain information to confirm the victim’s identity. Research shows 88% of these attacks are by email. Prevention: Provide ongoing employee education. Limit the amount of confidential information shared on social media. Use spam filters.
- Man-in-the-middle attack is when criminals intercept communication between two parties and record information – and then use the information for criminal purposes. Prevention: Protect networks and systems with firewalls and other IT safeguards. Be cautious when accessing websites (make sure they’re legitimate). Check all credit and financial accounts.
- Shoulder surfing is when someone steals confidential information such as passwords by literally looking over the victim’s shoulder. This often occurs at shop checkouts and ATM machines. In the workplace, visual hackers take pictures of information with their phone. Prevention: Be mindful when accessing different accounts and/or paying with debit or credit cards. Implement a Clean Desk Policy in the workplace.
- Bin raiding is when a thief goes through waste or recycling bins to steal personal identifiable information. Prevention: Do not dispose of intact confidential information.Have confidential information securely shredded when it is no longer needed. In the workplace, partner with a trustworthy document destruction company. Implement a Shred-it all Policy.
- Simple theft of items that contain confidential information such as a wallet, handbag or mobile device still occur. Prevention: Carry these items close, and never leave them visibly unattended anywhere. Just carry a few pieces of ID. In the workplace, schedule regular hard drive and e-media destruction services.
Start Protecting Your Business
To learn more about how Shred-it can protect your documents and hard drives, please contact us to get a free quote and data security survey.