Identity Theft and the Value of Your Personal Data
How important is it to keep your personal details private? To be more specific, how dangerous is it to leave your personal information—your name, your social security number, your credit card and financial details, even your email address and phone number—where other people can access them? While it may seem harmless to leave bits and pieces of your personal information online or a physical document that you tossed in your garbage bin, it could be used to steal your identity.
This is the unfortunate reality of identity theft. Despite all the reports on how people lose money and even reputation from fraud and hacked accounts, many people still don’t fully understand the real security implications of having their identity, as represented by their account credentials and information, stolen.
With the steady rise of smart devices, the Internet or Things (IoT), and the way everyday people use the Internet, the data that quantifies your life's details are like digital breadcrumbs left by mobile devices, online browsers, and payment platforms. While this is happening, you will be more and more susceptible to identity theft and other online threats. The only thing that bounds technology is ethical and legal restrictions, making privacy an integral concern for many users. But are we genuinely concerned about our privacy, and can we truly benefit from changing our lax online habits?
How does identity theft happen?
Identity theft happens when your personal information is stolen and used by cybercriminals or scammers to impersonate you. Your credentials can essentially be used to gain access to different areas of your digital life, including your bank accounts, social media, and credit card details. Along the way, they may harvest other sensitive data from your accounts as well as those belonging to your family, friends, and colleagues. In some cases, cybercriminals can use your credentials to harm your reputation or cause online public humiliation. Altogether, they can cause irreparable damage. In addition, a stolen identity can also be used as an effective cover for cybercriminals.
Identity theft is usually done for financial gain. An identity thief who manages to get a hold of a victim's credit card or social security number could use them to make purchases or open accounts using the stolen identity. It can also be done using an account that most people don't have a problem handing out: an email address.
Since most online accounts require an email address as their username, as well as a way to verify accounts and reset passwords, a hacked email account could open up a number of other accounts to an attacker. Social media accounts could be used to damage reputations, and it wouldn't be hard to imagine what could happen if an identity thief gains access to a victim's online banking or shopping accounts.
Trend Micro recently sponsored a global study that asked more than a thousand consumers around the world to assign a hypothetical price on their personal information, including passwords, health information, social security numbers, physical location, and others. The results reflected that more US respondents value nearly all their personal information more than respondents from other countries. This shows how much US consumers value their privacy and how their personal information is tied to their daily activities, especially that of social media.
[Read: How Much is Your Personal Data Worth? Survey Says...]
The survey also reflected a large percentage of people who care more about put the highest value on their passwords. Ironically, social media has inverted the model of the concept of privacy, providing people with a platform that allows—and some even encourages—them to display or "share" their details in public.
Did you know?
- Respondents from different countries placed different values, but they all agreed that their passwords are the most important piece of personal data, which they valued at US$75.80
- Health information and medical records are second, valued at an average of US$59.80. US respondents put the highest value on their health records at US$82.90 while European consumers consider theirs to be worth US$35
- Social Security numbers are third, at US$55.70
- Payment details rank at fourth at US$36.60. US citizens priced this information at US$45.10 and Japanese valued it at US$42.20. Europeans priced it at US$20.70
- Purchase history is the fifth most valued, at US$20.60. US respondents valued it the highest again, while Japan and Europe valued it less
- Physical location information is sixth at US$16.10. US citizens priced it at US$38.40 while consumers in Japan and Europe priced it a paltry US$4.80 and US$5.10 respectively
- Home address is seventh at US$12.90, with US consumers once more pricing it at US$17.90. Japanese respondents pegged this information at US16.30 while those in Europe priced it at US$5.00
- Photos and videos of themselves rank eighth most valued at US$12.20. US respondents wanted US$26.20 for their pictures, while Japan and Europe both asked US$4.70 for theirs
- Marital Status is pegged at US$8.30. Japanese consumers asked for US$12.70, while US and European consumers pegged this information at US$6.10 and US$6.00 respectively
- Finally, name and gender are the least valued at US$2.90
Preventing Identity Theft
Given the prevalence of identity theft and other online threats, there’s still plenty you can do to protect yourself. However, you must remember that it all starts with awareness. You can start by following this simple all-important rule: never give out your personal credentials to anyone. This is one of simplest, most cost-effective way to prevent a likely attack. Trend Micro Security can help minimize the amount of personal data tracked by websites and services. It also safeguards your accounts and ensures data doesn’t go out without your consent. Additionally, here are some helpful tips on how you can protect yourself from identity theft:
- Manage your account passwords - The whole identity theft boulder can start rolling once an attacker gets access to your email account. Make sure that you use unique and long passwords, avoid using the same password for all accounts, and regularly update them. You may also try using a password manager to efficiently handle your passwords.
- Avoid opening email attachments and clicking on malicious links - Social engineering can start with an innocent-looking email asking for information. This can lead to malware getting into your system, which can be used to steal your personal data. Use a spam filter to block likely phishing emails.
- Learn about a site’s privacy and security policies - It helps to know what information they collect, what the information is for, how they make sure it’s safe, and with whom they share it.
- Bookmark trusted websites, especially those frequently used for online shopping - This will prevent you from accidentally landing on the wrong website, which may have been designed to take advantage of people that commit the same mistake. Attackers can easily slip malicious code or links that direct you to malicious sites that phish for personal information.
- Limit your exposure on social networks - Many social media sites have beefed-up their security measures, allowing users to adjust the level of security according to their personal preference. Since cybercriminals look for victims on social networks, be wary of what you post and the amount of information you put out, such as your location, financial information, and other private details.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Email Threat Landscape Report: Cybercriminal Tactics, Techniques That Organizations Need to Know
- Preventing an Imminent Ransomware Attack With Early Detection and Investigation
- Inside the Halls of a Cybercrime Business
- Securing Cloud-Native Environments with Zero Trust: Real-World Attack Cases
- Exploring Potential Security Challenges in Microsoft Azure