Once upon a time, stealing a person’s identity would have seemed farfetched. The stuff of movies. Now it appears to be easy.
And the problem is growing.
The 2018 Identity Fraud Study released in February by Javelin Strategy & Research revealed that the number of identity fraud victims increased by 8 percent (rising to 16.7 million U.S. consumers) in the last year, a record high since the firm began tracking identity fraud in 2003.
The study found that despite industry efforts to prevent identity fraud, fraudsters successfully adapted to net 1.3 million more victims in 2017, with the amount stolen rising to $16.8 billion. With the adoption of EMV (embedded chip) cards and terminals, the types of identity fraud continued to shift online and away from physical stores.
The complexity of fraud is also on the rise as criminals are opening more new accounts as a means of compromising accounts consumers already have.
This last year saw a notable change in how fraud is being committed. While credit card accounts remained the most prevalent targets for new account fraud, there was significant growth in the opening of new intermediary accounts, such as email payments (e.g. PayPal) and other internet accounts (e.g. e-commerce merchants such as Amazon) by fraudsters. Although not as easily monetized alone, these account types are invaluable in helping fraudsters transfer funds from the existing accounts of their victims.
The study also found three significant changes in data breaches in 2017.
Nearly a third (30 percent) of U.S. consumers were notified of a breach in the past year, up from 12 percent in 2016.
For the first time ever, Social Security numbers (35 percent) were compromised more than credit card numbers (30 percent) in breaches.
Finally, data breaches are causing consumers to lose trust in institutions. These trends combined to cause consumers to shift the perceived responsibility for preventing fraud from themselves to other entities, such as their financial institution or the companies storing their data.
“2017 was a runaway year for fraudsters, and with the amount of valid information they have on consumers, their attacks are just getting more complex,” said Al Pascual, senior vice president, research director and head of fraud and security, Javelin Strategy & Research. “Fraudsters are growing more sophisticated in response to industry’s efforts to implement better security. Fortunately, there are a variety of digital tools that consumers can leverage to stay better informed on the status of their identities and accounts, and to ultimately stay better protected.”
Javelin found 63 percent of consumers report that they are “very” or “extremely” concerned about the threat of breaches, but many are unsure that they have the ability to effectively protect themselves. Cynicism about breach notifications rose dramatically, with 64 percent of breach victims indicating they believe that breach notifications do little to help protect them and are principally about providing legal cover for the breached company.
Some things don’t change. Looking for someone to blame for an intractable problem remains as much a part of human nature in the computer age as ever.