4 Identity Theft and Fraud Scams That Consumers Need to Know
Updated: May 26, 2022
ntity theft, which involves stealing another individual's personal information, has become an increasingly pervasive problem in recent years due in part to advances in technology. There are now more ways than ever for scammers to acquire someone's credit card, passport, or other documents containing personal information. Identity fraud occurs when the scammer uses this information for financial gain. The Federal Trade Commission registered 2.2 billion fraud reports in 2020, while a Javelin report suggests Americans lost more than $56 billion via identity fraud that year.
The COVID-19 pandemic and government-issued benefits brought about a substantial spike in reported instances of fraud and opened up a new avenue for scammers to commit identity fraud. Moreover, these criminals are creating more convincing scams and utilizing psychological tactics to manipulate people's behavior. This, combined with a record number of data breaches in 2021, means consumers need to be cautious in their interactions with strangers, avoid sharing personal information online, and invest in identity theft protection services.
"All of these trends point towards increases in identity fraud that will change consumer behaviors, revictimization rates, and pandemic-related identity crimes for years to come," notes Identity Theft Resource Center CEO Eva Velasquez. "We expect to see these types of cyberattacks and who they target continue to evolve as they did in 2021."
Below is a look at four concerning identity fraud scams consumers need to know about in 2022.
Synthetic Identity Fraud
Synthetic identity fraud is now the most prevalent form of identity theft in the United States with reported losses of about $20 billion in 2020, according to the finance company FiVerity. This type of fraud occurs when criminals use stolen Social Security numbers and match them with different or fake names to create, or “synthesize” new identities. Criminals will then use this identity to apply for loans they don't intend to repay.
The Paycheck Protection Program, a key relief benefit for those whose employment was affected by the pandemic, was a major vehicle for identity fraud. In 2020, Adam Arena and a suspected co-conspirator stole more than $1 million in federal government funds in other people's names through the Paycheck Protection Program. Arena pleaded guilty and is now awaiting sentencing. The IRS has also warned consumers to be aware of synthetic identity fraud involving unemployment benefit scams.
Arena was also sentenced to four to 12 years in prison for using Social Security numbers of children, deceased individuals, and senior citizens, among others, to create synthetic identities and max out credit cards and lines of credit. He and several others took out lines of credit worth hundreds of millions of dollars.
Also known as SIM hijacking, SIM swapping occurs when a criminal assigns another person's mobile phone number to a new SIM card and phone, following which they can access that individual's personal information to use for financial crimes. Generally, scammers will bring the new SIM card into a mobile carrier and claim to be the person to which the phone number was assigned. They might even have supporting evidence such as the account PIN or the answers to the security questions. If they're able to convince the customer service representative, they can access sensitive information such as email, social media, and personal banking.
While there's no surefire way to avoid SIM swapping, mobile users should periodically reset their PIN, make their online profiles more private, and consult with their carrier to see if they have any security protections in place.
One-Time Password Bots
Scammers may also use what's known as one-time password (OTP) bots to trick individuals into handing over authentication codes they receive via text or email. This code can then be used to access the account for which it was used, allowing scammers to steal whatever personal information might be associated with that account.
These bots will usually send a text or initiate a robocall while imitating a bank or service provider. At the same time, they are attempting to log into that person's account, which triggers the sending of an authorization code to the account holder's mobile device. The bot might bring up an unknown charge on the individual's account and ask them to provide the authorization code they received if it is fraudulent.
Consumers need to be wary of all unsolicited texts and calls, especially those that offer deals that seem too good to be true or use threats to prompt immediate action.
Scammers have also started leveraging the booming cryptocurrency/NFT markets to deceive individuals into sharing personal information. Scams involving crypto usually feature contests, fake prizes, or the promise of an attractive investment opportunity. A scammer might pose as a celebrity investor or pretend to represent a popular crypto website in hopes of acquiring login information or, in some cases, money to "invest" in a crypto or NFT project.
In January 2022, hackers stole $2.2 million worth of NFTs from art collector Todd Kramer. The following month, criminals employed a phishing scam to steal approximately $1.7 million worth of NFTs from the OpenSea NFT market. One of the blockchain's (the technology on which crypto and NFTs are stored) biggest benefits is that it is free from government interference, but this also means victims of fraud might not have any recourse against losses incurred.
All consumers are urged to put in place an identity theft protection and restoration plan that addresses all 6 major types of ID theft ( credit/financial; driver’s license; medical, Social Security number or false tax returns; child ID theft; character or criminal) AND synthetic ID theft in terms of guaranteeing to restore the identity to pre-breach status. Monitoring and alerts are not enough—the key is to have a professional restoration team available to you at all times through these inexpensive plans.