Identity theft: a personal and organisational threat

Share this post:

Author: John Martin, Senior Security Architect, IBM New Zealand

Identity theft is a growing phenomenon, affecting as many as 133,000 New Zealanders annually at a cost to the economy of as much as $209 million every year1.

Typically, identity theft is used to perform financial transactions using accounts in another person’s name. These can be making purchases using a credit card number or taking out a loan for a car. Less commonly, it is used to obtain medical insurance, file fraudulent tax returns, impersonate another individual during an arrest, open phone or wireless services, or even attempt blackmail.

But the impacts of identity theft go beyond the personal – it’s also the easiest way for criminals to gain access to networks and data. Once a malicious actor has the identity information of a member of your organisation, they can target it with phishing or ransomware attacks.

By taking precautions and addressing common risks, users can thwart cybercriminals in both their personal and professional lives.

Simple steps to protect your identity

Personal identity information can be stolen by rummaging through rubbish for sensitive documents, infiltrating organisations that manage large amounts of personal data, or hacking into computer systems.

You can fight identity theft by taking the following precautions2:

  • Never give out personal or financial information over the phone or in an email. Beware of phishing scams, where a pop-up message or email asks you for personal or financial information.
  • Always use strong passwords that are at least eight characters long and contain numbers and special characters (like: $, %, &), and that do not contain a word found in the dictionary. Or use password phrases, which are longer sequences of words. Change your passwords frequently and never share them.
  • Use a password manager to store and protect your passwords.
  • Use anti-malware software daily. It can help detect spyware, which is software installed on your computer (often without your knowledge) that collects information about you.
  • Avoid using software downloaded from unknown websites or peer-to-peer file-sharing services. Also avoid software that claims to be a game, a screensaver, collects information for ‘marketing purposes’ or promises to ‘accelerate your internet connections’. These programs may contain spyware.
  • Shred credit card receipts, junk mail, and other documents with sensitive personal or financial information. Never leave these types of documents exposed in a public space (such as an office desktop).
  • Never make personal information about yourself (like your birthdate, place of birth, family members’ names) publicly available on social networks like Facebook or websites like Google. This information can be easily found by search engines and used to help perpetuate identity theft against you.

If you’re concerned, you may be the victim of identity theft, use the DIA checklist, or raise an Incident Report with the CERTNZ.

And to find out more about protecting your organisation from identity theft, talk to a member of our Cyber Elite team.

More Security stories

The need for gender diversity in cybersecurity is real

Author: Pelin Nancarrow, Consulting & System Integration Leader A/NZ I have been helping clients establish guidelines for implementing, maintaining and improving information security management in their organisations for 17 years. Although it has improved, I am often still the only woman in the room. It is now more critical than ever for organizations to attract and retain […]

Continue reading

The value of psychology and cognitive science in Cybersecurity

Author: Fiona Byrnes, AP Managed Security Services Delivery Executive, IBM Security Who is today’s cybercriminal? What new data can be commoditised or code weaponised for disruption? These are common security intelligence questions asked in our client conversations. While these questions are about the preventative tools, testing, analytics, and security methodology, they also have underlining psychology. […]

Continue reading

Cybersecurity needs your skills

Author: Holly Wright, QRadar Flows Product Owner, QFlow Software Engineer, IBM Security A little-known fact about cybersecurity is that it is one of the most diverse industries out there. Think of any company. You’d be hard-pressed to pick one that hasn’t gone through some sort of digital evolution, in some shape or form. Healthcare, finance, mining, […]

Continue reading