In 2022, there were over 1.1 million reports of identity theft received through the Federal Trade Commission’s (FTC) IdentityTheft.gov website. Security experts say the risk of this type of fraud increased dramatically during the COVID-19 pandemic.
The threat had been building for over a decade. It steadily increased as fraudsters got their hands on more personally identifiable information (PII), allowing them to open credit accounts in unsuspecting consumers’ names.
Sara Seguin, principal advisor for Fraud & Identity Risk at Alloy, a cybersecurity firm, says the growing use of technology across the financial services industry, in the years before the pandemic, set the stage for explosive growth.
“What has happened over the course of the last 10 years is digital has become more prevalent and data is being used in so many different ways, like signing up for rewards,” Seguin told ConsumerAffairs. “So you’re giving more information even when you’re checking out. That data is being exposed and stolen through multiple data breaches.”
Phishing schemes
You may have no control over data breaches but scammers are getting your PII in other ways, through digital contacts utilizing phishing schemes. And when the pandemic hit, that method took off.
“When the pandemic occurred, a lot of firms were forced, if they didn’t already have it set up, to operate through a digital environment,” she said.
That sped up the process of putting new technologies in place faster than they would have otherwise. Sometimes, the end result was not what it would have been had it been left to a natural evolution.
Law Helie, general manager of the Consumer Banking product line at nCino, a firm providing cloud banking services, says the pandemic presented other challenges. It unleashed fraudsters’ creativity as they devised ways to fool consumers.
Hey, we’re your bank
Using text messages they began contacting people, claiming to be from their bank, trying to trick them into providing account login information so they could take over accounts.
“Customers who in the past might have gone into their local branch or had some personal interaction were no longer doing that,” Helie told us. “They were ‘trusting’ that this email is real.”
Technology tools to authenticate text messages can help. But knowing what to look for can also help you avoid these traps. For example, Helie points out that if an email that is supposedly from your bank asks for personal information it should already have, that’s a big red flag.
“I get them every once in a while, they look convincing, I just know better,” he said.
Identity thieves have always been out there. But Seguin and Helie say the removal of face-to-face interaction with banks and other industries that store data has compounded the problem.
“Because you have to trust the technology and so many institutions are moving so quickly to try to plug those gaps, some of the end-user parts sort of fell through the cracks,“ Law said.
“It’s really exposed how easy it is to commit fraud,” Seguin added.