Brian Kinch, FICO Senior Partner and fraud specialist
Recently, leading UK fraud prevention service, Cifas, released new figures revealing that 23,959 people aged 30 and under were victims of identity fraud in 2015. This is up from 15,766 in 2014, which is a52% increase, and is more than double the 11,000 victims in this age bracket in 2010.
These results demonstrate that younger people are alarmingly unaware that they are at risk. In fact, 50% of the 18-24-year-olds surveyed believed they would never fall for an online scam (compared to the national average of 37%), yet only 57% report thinking about how secure their personal details are online (compared to 73% of the population as a whole).
Clearly, lack of awareness is directly impacting the rise of identity fraud attacks with this demographic in particular. Our FICO Falcon Fraud Manager solution protects 2.5 billion active payment card accounts and nearly two-thirds of all credit card transactions globally, with ID fraud making up an increasingly large proportion. However, as far as technology can go to protect people’s funds – by flagging fraudulent use of a card for example – individuals need to take account of the personal data risk they are exposing themselves to by their online conventions and take more responsibility for what they post and disclose.
Digital natives at risk
The rise in identity fraud attacks on UK youngsters has a lot to do with the increase in and uptake of digital services. Young adults are keen to access and do more things remotely than they might have dreamed of just a few years ago, but remote access brings with it increased risk. Many young people are unaware of the best ways to protect their identities from cyber criminals while taking advantage of the technology that is improving their lives.
Also, fraudsters looking to harvest personal information have begun turning their attention to the explosion of data available on social network profiles. More regularly than ever, we are listing our names, dates of birth, family members, work and friendship contacts, residence, and even work, addresses on the open web. What’s more, it’s become so normal to swap data for services online that many have been lulled into a false sense of security when it comes to providing details that fraudsters need to replicate your identity.
As technology savvy as young consumers are, many are not as aware of the potential pitfalls. With less than a thirdinstalling anti-malware on their smartphone devices, despite the continual rise in mobile usage for important transactions like m-payments or booking holidays, the attraction for criminals is becoming ever greater. So, people should be vigilant and do what they can to protect their data.
Savvy online as in life
When we go about setting up a new business or personal relationship face-to-face, we will typically be quite selective about the credentials and information that we offer up. We need to adopt the same healthy caution online.
It’s essential that we all pull together to combat ID fraud and that everyone, especially millennials, are informed of the best ways to protect themselves. Commander Chris Greany of the City of London Police has said that; “Identity fraud has become the engine that drives much of today’s criminality and so it is vitally important that people keep their personal information safe and secure. In the fight against fraud, education is key.”
With that in mind, here are my top 10 tips to help you keep your identity to yourself:
- Use anti-malware on all your devices and keep this up to date.
- Know where your privacy settings are on your device and ensure these are fully enabled.
- Set up an email address – separate from your social and business address – that is used solely for your banking and other secure information, so that if fraudsters hack a social site they will not have the right email address to get hold of anything detrimental.
- Be very aware of the personal information that you post about yourself on-line; for example, try to avoid putting your birth date on your social media site and limit information such as where you live, email address, and phone information, to prevent fraudsters piecing a profile together.
- Think before you add any information; for example, adding the year you graduated may seem harmless, but criminals can often use it to work out your year of birth or determine the names of friends or acquaintances from your cohort whom you might be more susceptible to respond positively to, even if they are not currently a named contact or friend on your profile. Also “checking in” at that bar in Spain might help to show your friends what a great time you are having, but it also advertises to a would-be criminal that you are away from home and your house may be empty.
- Passwords should not be the same (or a simple variant of the same) for various logins – if you use the same password for your social sites as your online banking it is much easier for criminals to obtain.
- Use different passwords that are at least eight digits and alphanumeric.
- Avoid “classic” password techniques such as using standard personal information, as that is easily mined. Using your date of birth? Well, that’s a matter of public record, and probably on Facebook. Using your mother’s maiden name? Well, that’s possible to find through a genealogy website or her social feeds.
- Keep your settings private and make sure the people you become friends with on social sites really are your friends – once they have access to your profile they can look around for pieces of personal information about you.
- Do not click on links or respond to e-mails that come from unknown or untrusted sources, nor those that seem to come from known parties but are worded in a strange way or are requesting exceptional action. That “friend” who is asking for help might actually be a criminal who has compromised your friend’s e-mail account.
We also give consumers the ability to better control their card usage day-to-day with mobile tool, FICO® Consumer Fraud Control, which helps people to avoid becoming a fraud victim. Consumers can handle their bank accounts via control settings and customised real-time alerts, and immediately dispute a transaction if they suspect fraud.
Such tools are all about consumer empowerment and enablement; increasing the consumer’s peace of mind, allowing them to make the most of the new advancements in financial services, and keeping personal information safe whilst flagging the pitfalls that might befall an inexperienced consumer. Nevertheless, technology can only go so far and, with the rise of open data and social media, it can be somewhat of a double-edged sword. Businesses need to do all they can to help educate consumers about the risks as well.
Brian Kinch is a senior partner with Fair Isaac Advisors, the consultancy group of analytic software firm FICO. He is a recognized expert in fraud protection and business continuity. He blogs at www.fico.com/blogs.