Are you really on social media if you haven't had a fake account created in your name yet? Even if this hasn't happened to you, chances are that you've seen friends go through something similar.
Identity theft is a growing concern globally as technology plays an increasingly pivotal role in personal and business transactions. The convenience and efficiency offered by online platforms and digital transactions have since increased opportunities for malicious actors to exploit vulnerabilities.
Between August 2022 and August 2023, scammers stole an estimated US$1.02 trillion (S$1.4 trillion) globally. The biggest losers? Singapore. The joint study by non-profit organisation Global Anti-Scam Alliance (Gasa) and data service provider ScamAdviser found that Singapore victims lost the most on average out of the 49,459 individuals from 43 countries surveyed.
And it doesn't help that Singaporeans are complacent about scams-a striking 68 per cent of Singaporeans are confident in their ability to identify scams.
So how can Singaporeans help themselves? Let's start with the most common scam of the lot-identity theft. In 2022, there were 7,097 phishing cases that year, with victims losing $16.5 million, as reported by the Singapore Police Force.
What is identity theft?
Identity theft occurs when someone wrongfully obtains and uses another individual’s data such as name, government ID or passport details to commit a crime or fraud.
In many cases, victim’s losses are not confined to out-of-pocket financial losses (such as credit card charged run-up in the victim’s account). They can include additional financial costs associated with trying to restore their reputation in the community and correcting erroneous information for which the criminal is responsible.
Distressing forms of identity theft tend to result when someone swipes not just a victim’s card but also their entire financial persona. With enough identifying information about an individual, a criminal can take over that individual’s identity to conduct a wide range of crimes.
These could include false applications for loans and credit cards, fraudulent withdrawals from bank accounts or means to obtain other goods or privileges which the criminals might be denied if they were to use their real identities.
What other platforms assist with identity theft?
Unsurprisingly, information found on social media platforms can facilitate identity theft. Common types of personal information on LinkedIn such as education and employment history, current role and current location provide fraudsters with historical data to support their misuse of victims’ identities.
Other social media platforms like Instagram, X (formerly Twitter) and Facebook can also serve as rich sources of information. This may include details about an individual’s family, such as the partner’s name and date of birth (potentially a co-signatory to a bank account), the individual’s whereabouts and physical appearance.
How to protect yourself against identity theft
If an identity thief is opening credit accounts in a victim’s name, these accounts are likely to show up on the victim’s credit report. A credit report contains a record of an individual’s credit payment history and is released under legally permitted conditions to credit providers when they make enquiries about the individual.
Individuals who suspect their identity has been stolen can request a credit report. Once they get their report, they should review it carefully for enquiries from companies they have yet to contact, accounts unfamiliar with, and debts that cannot be explained.
Information such as identity number, address, name and other personal details must be verified and any fraudulent or inaccurate information should be reported immediately.
Protecting your identity involves putting measures in place to keep your details secure, as well as knowing what to do if you become the victim of identity fraud.
1. Use secured devices
One of the most important ways to protect yourself from identity fraud is to exclusively use trusted and protected devices on websites or applications that handle your personal information or online transactions. Such websites include social media, online marketplaces, government agency websites etc.
To keep your devices secured, do not open suspicious websites, emails or downloads. It is also advisable to run scheduled virus protection scans regularly. By using trusted and protected devices, you can be sure that your device will not be compromised or be vulnerable to security phishing.
2. Forget passwords, you need passphrases
In addition to using trusted and protected devices, security measures can be beefed up by using secured log-ins. Passphrases, instead of passwords, should be long, complex and unique.
By using a combination of lower-case letters, upper-case letters, special characters and numbers, you can generate a complex and secured passphrase.
Avoid using the same passphrases on multiple websites or applications because doing so will increase your vulnerability. We know you’re guilty of doing that.
3. Employ 2-factor authentication whenever possible
2FA is a layer of security in addition to your username and passphrase. Common 2FA methods today include an SMS verification code or a biometric verification. It is an excellent way of preventing hackers from accessing your data. By using a secured log-in, you can greatly reduce your risk of identity fraud.
4. Avoid sharing information carelessly
With the enormous number of advertisements and promos today, it can be easy to unknowingly give your personal information to others. Be very careful when signing up with foreign platforms. You should be aware of their data protection policies and be discerning with the data you divulge.
Such caution should also be applied outside of the digital world. As personal information is used as a layer of verification for banks and financial institutions, it is best to not share carelessly.
5. Consider a credit tracking service
Despite the many steps you can take to protect your identity in an online world, data breaches will still be inevitable. If someone does apply for a loan under your identity, you will want to be notified immediately. Tools such as Credit Bureau Singapore’s My Credit Monitor offer a third eye to monitor your credit report.
The tool can look out for predetermined activities and notify you through SMS or email, providing the earliest possible indication if your identity is being stolen.
Such monitoring services can help fight against identity theft by detecting any suspicious activities or changes that can affect your credit reputation.
6. Locking money up is back in vogue
No, not in milo or biscuit tins, but in banks. Major banking institutions such as DBS, OCBC, and UOB have rolled out a new mechanism called 'Money Lock' in a bid to safeguard us against scams.
The feature allows us to set aside funds that cannot be digitally transferred without strict identity verification. As locked funds cannot be released via digital channels, cybercriminals cannot access them even if they gain direct digital access to our accounts (through malware attacks or phishing scams). Read our full guide here.
To protect against potential fraud, individuals should limit the personal information shared on social media and professional networking sites, and proactively check their credit files and accounts. Cybersecurity is an ongoing effort, and staying vigilant is key to protecting against evolving threats.
ALSO READ: 339 suspects being investigated over scam cases where victims lost more than $10m
This article was first published in MoneySmart.