5 Ways Identity Theft Can Ruin Your Life
Everyone knows identity theft is bad, but what exactly happens when your identity is stolen? Let us walk you through it.
By Neil J. Rubenking
Identity theft doesn’t mean that an evil doppelganger will replace you in your everyday life. That’s a plot for the movies, not the real world. But the actual consequences of identity theft range from annoying to life-shattering. Sure, you might just have to replace all the cards in your wallet, but you also might find yourself fighting to prove you’re not the one who merits jail time. Let’s look at a few of the many ways identity theft can shake up your life—problems identity theft protection software can help you avoid.
1. You Have to Replace Your Credit Cards
You can buy just about anything using a credit card these days, but you take a huge risk with every purchase. In. the real world, you have no way of knowing if the restaurant server who took your card copied down the number or made an online purchase while running your check. When you buy online, a shady merchant could take your card number and the little code from the back and sell it on the black market for a quick $10 profit. Yes, that miscreant merchant or wily waiter will probably get caught, but that fact doesn’t diminish the risk.
Simple card fraud would be a much bigger problem, except that banks don’t hold you responsible for false charges. A certain percentage of bank fees simply pay for those losses—in return, the bank gets your loyalty and confidence. It’s still incredibly annoying when you’re forced to replace a compromised card, especially if it’s one you use to pay for online subscriptions or bills automatically.
Remember, too, that those protections apply only to individual cards. Corporate and small business accounts don’t necessarily enjoy this same safety net. If a thief gets your business credit card number, you or your business could be responsible for the fraudulent charges.
2. Hackers Could Own Your Email Accounts
If your email account password is weak or easily guessed, or if someone gets hold of your unlocked phone, you might have your account taken over. And an email account takeover is way more serious than just having some rando reading your personal messages.
Control of your email account opens the door for a hacker to take over seriously important accounts, including financial ones. If you lazily used the same password for your email and financial accounts, a thief gets immediate access to all those sites. Hackers know that many people promiscuously use the same password for several sites, so when they get the password for one account, they try it for others.
Even if you’re diligent and use your password manager’s password generator to create a unique, strong password for every site, your accounts aren’t safe from a malefactor who controls your email account. Secure sites must handle the fact that real people forget their passwords. Typically, the forgetful user can request a password reset link. And where do they typically receive that link? That’s right; in their email inbox. A thief who uses that link to reset the password now owns the account, and you, the proper owner, are locked out.
Many password reset systems require the querent to answer one or more security questions before sending along the reset link. The problem is, typical security answers are things anybody could find out about you, like your mother’s maiden name. For more obscure answers like your first car, your high school mascot, or the street you grew up on, well, that’s what those social media “let’s have fun and learn about each other” posts are for. Always remember that you don’t have to provide a true or relevant answer to these security questions during an account setup; just make sure to remember the misinformation you entered. Is your mother’s maiden name Obama? Of course it is!
In addition to using your email account for entrée into your other accounts, a thief could also spew spam from the account, perhaps running a spam-as-a-service business. Chances are good the spam activity will raise red flags and get the account banned. That’s no problem for the thief, who can just steal another one. But you’re left with the problem of cleaning up a tainted account.
Just as with your email account, you must use a strong password to protect your Facebook, Twitter, and other social media accounts. If you don’t, or if a hacker uses a hacked email account to get control of your social media, you can be in for big trouble, or big embarrassment. All your private messages, photos, and posts become an open book. Nude selfies, anyone?
It’s not just your privacy that’s lost when a thief takes over your social media account. More and more websites let you authenticate with Google, Facebook, Twitter, or some other social media account rather than creating a username and password. That may seem convenient, but doing so makes your social media account a highly valuable prize to identity thieves.
4. A Stolen Social Security Number Can Put Your Whole Life on Hold
When it comes to identifying individuals, the Social Security Number (SSN) is used more than any other piece of information. Originally, it even carried some information about you, as the first three digits were assigned based on your location, with low numbers in the east and high ones in the west. It wasn’t until 2011 that the Social Security Administration switched to random numbers, with no geolocation embedded. And just how is this all-important SSN protected? Well, it isn’t.
You must supply your SSN on all manner of government and business documents, from IRS tax filings to home mortgages. In some cases, you need only enter the last four digits for verification, but often enough you give your whole SSN to the controlling agency. If any of those businesses or government entities get hacked, your SSN can wind up exposed, sold, and traded on the dark web, with alarming consequences.
Picture this: You’ve lived in your home for years and you’re finally ready to move up (or downsize). But when you go to sell the house, you find that there’s a lien on the property. How did that happen? Some malefactor used your SSN in a shady deal, then failed to pay up. Unbeknownst to you, the victim attempted to recoup losses by placing a lien on your home.
The worst thing about this kind of abuse of your personal data is that you may not learn about it until years later. It may even take some digging to find out that the theft happened. A friend of a colleague had to work hard to find out why she couldn’t get a mortgage. It turns out that someone else had established a mortgage using her SSN, and that mortgage was foreclosed.
5. Scraped Personal Details Can Empower Scammers
Did you think that person poking around your recycling bin was scrounging for bottles and cans to turn in at the recycling center? It’s possible, but they also may have been looking for bank statements, bills, and other papers with personally identifiable information.
Armed with your date of birth, SSN, address, and other personal data, a thief can open new credit accounts in your name. Admittedly, the first bill you get for the new account will blow the scheme, but a cagey thief might have those bills sent to a false address. That way you won’t even know about the identity theft until the collection agency comes calling.
A collection agency might be the least of your worries. That knock on the door could be the police or the FBI, with a warrant for your arrest. An identity thief who commits a crime while posing as you can land you in jail, for as long as it takes you to establish that you’re not the perpetrator. At a less dire level, identity theft can prevent you from legitimately claiming unemployment or stimulus payments.
Protect Your Identity at All Costs
Now that you’ve seen just what can happen if your identity is stolen, make sure to check our tips on how to be more secure online in general, and how to protect your identity, in particular. Consider subscribing to an identity theft protection service that will provide an early warning system and help you with any necessary recovery. Enabling multi-factor authentication wherever it is available is one way to make it harder for someone to access your accounts, even if they get your password. And if you think you’ve already been hacked, we have you covered too.
Originally published at https://www.pcmag.com.