Data breaches continued to play a significant role in identity fraud. Organizations alert their customers when their information was compromised and sent a letter (i.e. “data breach letter”). Receiving this letter does not define a consumer as a victim of fraud. Yet the survey found 1 in 4 data breach notification recipients became a victim of identity fraud in 2012, compared to less than 1 in 5 in 2011.
The personal information lost in data breaches are frequently used to commit fraud. While credit card numbers remain the most popular item revealed in a data breach, in reality other information can be more useful to fraudsters. Personal information such as online banking login, user name and password were compromised in 10 percent of incidents and 16 percent of incidents included Social Security numbers. Recipients need to take data breach letters seriously and protect themselves by enrolling in identity protection services and taking other steps.
It's not just online fraud or data breaches. More than 1.5 million consumers were victims of familiar fraud, which is fraud when victims know the fraudster. Lower income consumers were more likely to be victims of familiar fraud. The information most likely to be taken via familiar fraud includes name, Social Security number, address and checking account numbers.
Other methods used by criminals are:
- Dumpster Diving - thieves rummaging through your personal trash or business' dumpsters looking for documents with personal information.
- Shoulder Surfing - watching from nearby locations to steal your PIN number while you are using the ATM or listening to telephone conversations in which you provide credit card information.
- Pretext calling - stealing personal information over the phone by posing as a legitimate business and tricking you into providing personal information.
- Mail Theft - stealing mail from unlocked mailboxes to obtain credit card and bank statements, checks, pre-approved credit offers, investment documents or tax information.
- Impersonation - Impersonating a landlord, loan officer, employer, or anyone who might have a legitimate reason to access your credit report.
- In the workplace - stealing records from an employer, conning employees into providing information, or hacking into the organization's network.
- Skimming - stealing credit card information by capturing information using illegal devices attached to ATM machines or gas pumps.
- Theft - stealing your wallet or purse, breaking into your home or stealing information while performing work or service at your home.
- Phishing - sending unsolicited email, posing as a legitimate company, such as your financial institution, and asking you to verify personal information such as account numbers or promising some benefit but requesting personal information.
Watch the security video
- Change of Address - diverting mail from its intended recipients.