Identity fraud in the UK has reached ‘epidemic’ levels
Fraud prevention service Cifas reported in August that nearly 500 identities are being stolen per day in the UK. This could be a conservative figure, as many victims are apparently too embarrassed to report fraud – especially when they realise they’ve inadvertently shared personal data on their social media accounts.
Identity fraud occurs when someone obtains details about you and uses them to steal money, make purchases or take out debts in your name. It doesn’t take much for them to get started either: if someone’s got your full name, date of birth, address and bank name, that could be enough for them to impersonate you.
Another trick is for criminals to impersonate people in your life who you might have agreed to pay money to, for example, a builder. If someone hacks into your email account and identifies messages from your builder, they’ve instantly also got their name, business details, email address and possible information about scheduled work on your home. By impersonating the builder on email, they can request payments to their own temporary bank accounts. London homeowners David and Sarah Fisher went public in 2016 with their experience of being conned in this way. They lost a whopping 25k to someone posing as their builder with a very plausible email and doctored invoice.
And it’s not just consumers and small businesses who need to be careful. US credit scoring giant, Equifax, has made headlines recently for two separate hacks, one of which is thought to have affected millions of American consumers, and potentially 400,000 people in the UK, whose sensitive data has been breached and could be used by fraudsters.
Tips to protect against identity fraud:
- Password protect all of your devices and make passwords harder to crack. If you think someone may have found any of your passwords, change them. Some people favour the government’s ‘three random words’ approach – find out more.
- It’s pretty easy to overshare these days – who hasn’t had someone wish them a happy birthday on Facebook? Check your privacy settings on social media accounts and think about what you post online.
- If you do upload photos online, be aware of what’s in the background – if your debit card’s on the table, someone can easily zoom in and access your details.
- Install anti-virus software on your computers and keep it updated.
- If you’re throwing away paper correspondence that’s got your address, reference numbers or anything else that could be compromised on it, shred it and separate the pieces before recycling.
- Don’t answer phone calls on your mobile from numbers that look strange, for example ones with the same digit repeated in a row, or calls your smartphone flags up as potential spam.
- Don’t click links in emails or texts unless you’re certain they’re legit.
- Check your paper or online banking and credit card statements regularly to make sure you recognise all the transactions.
- Be suspicious of any requests for payment or unexpected changes in your credit rating when you make an application.
- If someone who seems to be your trusted tradesperson sends you a request for payment and their bank details, call their official phone number first (not the one on the invoice, just in case) to double check. Even better, verify the bank details in person before making the payment.
- If someone’s pressuring you to hand over your details, or something doesn’t feel quite right, stop. This Take Five campaign video from Financial Fraud Action UK has more advice on how to handle these situations.
The tips above should help you protect your information and your money. If you’re feeling wary about using online banking, try this guide from the Payments Council, designed to help you manage your accounts with confidence.
If you’ve been unlucky enough to have been scammed out of money or you believe your personal information has been stolen, report it to your bank, Action Fraud and your credit card company, if relevant. (Note that in some cases banks won’t pay out for identity theft if the victim has willingly given out their personal information.)