Investigations on identity theft generally identify these ways of acting:
• Interception of data as it is typed deriving from computer vulnerabilities in the company or home network
• Creation of similar emails and interference in communications after the hacker has obtained user data through social engineering or phishing activities
• Creation of similar emails and intrusion in communications after the hacker has managed to obtain copies of invoices of which he will only modify the IBAN and partially the current account holder
Shopping centers, hotels, airports, squares and clubs with large influxes of people. The perfect scenario to collect data through “sniffing” techniques, that is the observation and collection of data deriving from internet browsing, but also more simply by creating a fake open wi-fi network, with a name similar to the official network available, but under the control of a cybercriminal. If you don’t know the wi-fi provider, you don’t even know what data it collects and how. Who would be able to distinguish a secure wi-fi from an unsafe one by looking at the screen proposed by current smartphones? Probably none. For example, if there are two identical names of wi-fi, it is most likely an “evil twin” attack.
Identity theft creates economic damage and operational inconvenience for those involved, and can generate reputational damage and costs related to the management of litigation for the company.
In 2019, two hundred and sixty-seven million personal data of Facebook users ended up online in the first two weeks of December, downloadable via a hacker forum.
An ocean of personal information such as user ID, name and phone number.
A few days earlier, one of the largest credit card operators in North America, Capital One, had admitted the theft of 106 million data of its users: names, dates of birth, addresses, telephone numbers and bank statements of those who had requested. a credit card from 2005 to 2019. The Marriott hotel chain also ended up in the crosshairs of hackers, which in recent months saw 383 million information stolen.
Criminals got their hands on names, addresses, phone and credit card numbers, emails, passports and even the health status of hotel guests.
Credit scams that start from the illicit use of a person’s personal and financial data to obtain credit or acquire assets with the premeditated intention of not repaying the loan and not repaying the financed product. An increasingly widespread phenomenon also in Italy. According to at least the alarm launched by the Crif according to which, in the first six months of 2019, this type of illegal activity led to over 77 million euros in damages for the credit industry of the Peninsula, affecting almost 16,700 cases, with a growth of 36.7% compared to the first half of 2018.
As large swaths of the population are rapidly opening up to the digital world, criminal organizations are specializing in online fraud. The vulnerability to credit fraud perpetrated through identity theft is also increased by the fact that personal and identification data, such as the social security number, or personal contact details, such as email or mobile phone number, are often published on the web.
To defend ourselves from thieves, we can equip our homes with a gate or install an alarm but to reduce the risk of suffering credit fraud we must be the ones who take steps to adequately protect our data, for example by activating an alert text message to check transactions with your credit card or systems that notify you if our data is used to apply for a loan or if they are circulating on the web.
But how to arrange a transaction or provide access in absolute security. The only way is a FIDO (Fast Identity online) technology, JIT Just In time Access.
