Fraud levels are on the rise and show no signs of slowing down. According to an ACFE report, 79% of businesses surveyed recorded an increase in instances of fraud in 2020, and that number is expected to increase further in 2021. In South Africa, the scenario is much the same. However, one fraud category saw a massive increase thanks to the switch to online operations in 2020 – identity fraud.
What is Identity Theft
Identity theft involves the use of your personal identifying information – identity number, banking information, usernames and passwords – without your knowledge, usually to obtain money or credit. Fraudsters steal the information of unsuspecting individuals through some kind of scam, deception, or outright crime and use it to impersonate them in acts of fraud or other crimes.
If quickly detected and resolved, identity theft may cause minor damage. But for some victims, identity theft can be incredibly damaging. Losing life savings, damaging reputations, or ruining credit scores are just a few of the many severe consequences of identity theft, and these problems can take months or years to resolve.
Identity Theft in South Africa
According to The Southern African Fraud Prevention Service (SAFPS), impersonation fraud increased by a whopping 337% in 2020. The increase was seen across all provinces except Limpopo, and was greatest in the Eastern Cape, with Gauteng following closely behind.
One explanation for this increase is the greater prevalence of online activity in 2020. Many companies moved to a work-from-home program. All company operations, including those involving sensitive information, had to move online too, leaving this data vulnerable to breaches by opportunistic criminals. This transfer was a first for some organizations, many of which did not have adequate security in place to protect their company data. Even large companies, with massive investments in online security, experienced data breaches in 2020.
Individuals were also more vulnerable. During the countrywide lockdown, customers were forced to use online and telephonic services, which can be risky in industries that use sensitive information, like banking. Fraudsters also exploited the vulnerabilities of desperate consumers to steal their information, as seen in the various grant scams conducted online. Criminals took advantage of the chaos caused by the ‘new normal’, resulting in the massive increase in identity fraud, and they are likely to continue exploiting the vulnerabilities of online operations in 2021.
How Criminals Access Your Information
Considering the greater prevalence of identity fraud in South Africa, it is important to be aware of the methods criminals may use to steal your information:
- Phishing or other online scams, where victims are persuaded to provide their personal information by fraudsters impersonating an official entity, like a bank.
- Malware, where victims click a link or download a file that installs a program onto their computer or smartphone to steal their data from the device.
- Unprotected wireless networks, where hackers access your device via an unprotected network and steal sensitive information.
- Voluntary relinquishing of personal information, where victims share their passwords or other identifying information with untrustworthy parties.
- Involuntary relinquishing of personal information, where victims have their information stolen through data breaches of a third party, like businesses or government sites.
There are several other ways criminals can steal your data – such as documents with personal information you throw away, for example – but in a time of ever-increasing online activity, these online methods are the main ones to watch out for.
How to Protect Yourself Online
Beyond an awareness of how online identity theft occurs, what other steps can you take to prevent it from happening to you? Preventing identity theft is far more effective than attempting to reverse the negative effects once it’s too late.
1. Use online security software
Strong security software is a vital starting point in online data protection. The various security applications available, both paid and free, offer an extra level of protection for your computer or smartphone. By scanning for malware regularly, and detecting potential malware before it is downloaded, you can take the guesswork out of which applications or links are malicious and which are safe. Make sure the security software is always up to date and investigate any problems found as soon as they arise to prevent any further risks.
2. Identify suspicious links or sites
Part of your data protection is up to the software – the rest is up to you. While programs can detect and deal with malware, the risks are minimized if you avoid the malware altogether. To do this, there are some warning signs you should look out for to detect potentially problematic links. Firstly – don’t click on any links or attachments from someone you don’t know. This applies mostly to emails, but can be extended to any website or social media page you visit. Secondly, whenever you are asked to submit personal information online, double-check the link address to ensure it is the official website (for example, www.amazon.com may be changed to www.amaz0n.com). Some fake websites can be incredibly convincing – a carbon copy of the official page – but the information you enter is going straight to the fraudsters who use that data without your knowledge.
3. Only use reputable websites
Before making a purchase on a website or entering any information that may be used against you, verify that the website is reputable. Search for reviews of the site to determine if any other customers questioned the website’s safety. Do some research to find out how the business protects your sensitive information. The beginning of a website link is another indicator – https sites are secured and http sites are not. This does not mean all http sites are a scam, but it is a sign that you should not enter any personal information.
4. Use strong passwords
This point is drilled into our heads constantly, but it bears repeating – strengthen your passwords. Gone are the days of using your name and a few numbers, or some iteration of ‘password’. Hackers are too smart for that. We roll our eyes when websites request more difficult passwords – an obscure character and combination you will never remember – but these steps go a long way to protecting your information as password hacking methods advance. Make sure your password is complex, containing a combination of upper- and lower-case letters, numbers, and special characters. Change your password frequently (every two months is the recommended time) and never give it to anyone or store it somewhere it can be easily discovered.
5. Beware what you share
After implementing all these protection methods, you don’t want to end up giving your personal information away by accident. Many people share their information voluntarily on social media, but you cannot be sure of who you will end up sharing that information with. It goes without saying that you shouldn’t share any banking information or passwords online, but other basic information can also be used against you – particularly in answering security questions. To be safe, it is best to protect all accounts with the security options open to you to prevent anyone outside your network from seeing what you share. Ultimately, don’t share any information online you wouldn’t want a criminal to know.
Considering the massive increase in identity fraud in South Africa this year, protecting yourself is more important than ever. It’s not difficult either – some basic software and increased vigilance are all you need to stop yourself from becoming a victim of this prevalent crime.