Why is identity theft on the rise? And what to do if your identity is stolen? 

person typing a password in on a laptop
Be careful what you share online. Identity theft and fraud are on the rise. Getty Images
headshot of Nikos Passas
Nikos Passas, professor of criminology and criminal justice at Northeastern, speaks about the rise of identity theft and fraud. Photo by Matthew Modoono/Northeastern University

Identity theft and fraud in the past several years have skyrocketed across the globe, causing concerns among individuals and businesses. 

In 2022, the Federal Trade Commission received 5.7 million in fraud and identity theft reports, according to the National Council on Identity Theft Protection. The problem is ubiquitous. Experts say these cases occur so often that there is a new victim every 22 seconds.

Government documents or benefits fraud tops the list of identity theft types, the National Council reports. The median loss of fraud cases for victims nationally is about $500, with total losses last year estimated to be $10.2 billion.

The number of identity theft scenarios in the U.S. is nearly three times higher than in other countries. Reports show that about 33% of Americans have faced some kind of identity theft attempt. Those numbers are only expected to increase. 

Northeastern Global News spoke with Nikos Passas, co-director of the Institute for Security and Public Policy, about the problem. His comments have been edited for brevity and clarity.

What is the difference between fraud and identity theft?

Identity theft is when somebody takes away personal information that belongs to you. Then they use it to take your money away or ruin your credit rating. If they use it to gain any legal advantage, they commit fraud. They may misrepresent themselves as you, and then someone may use it down the road to impersonate you or blackmail you to gain access to your financial or personal health information. 

One is instrumental to another, but fraud is a much broader term that includes all types of misrepresentation to gain any illicit financial advantage. 

Why are identity theft and fraud on the rise?

There are multiple contributing factors. You have to take into account COVID-19’s effects. People were stressed and socially isolated, and lockdowns led to a huge growth in online activity. You have more use of online shopping, banking and social media that exposes people’s financial information. 

There is also an increase in incidents of data breaches that comprises the security of hundreds of millions of people. We’ve seen that with social media, financial institutions and store credit cards. In addition, the breaches can lead to identity theft because people now have access to this personal information. 

How do they use it? First, they try to get into your account. Then, they try to purchase things and charge you. 

Identity theft methods have also become more refined. For example, you have phishing malware that can sometimes bypass security measures that data holders use. 

Finally, people are not fully aware of the risks they take. As a result, they do not take the necessary steps to prevent it from happening. Sometimes people do not even realize that their identity has been stolen and used until it’s quite late and the credit rating is damaged.

This is a target-rich environment. Sometimes companies try to do things cheaply. But, if you’re stingy with what you do to protect yourself, the victimization can be much more severe. 

What do the thieves do with the information, and why?

Data breaches occur because sometimes they want to show how smart they are for fun or to make money. Sometimes it’s because they want to sabotage individuals. Other examples include state actors acting illicitly or taking money out of your accounts to buy things. Another is blackmailing you with your information to get you to send money or Bitcoin to get it back. 

What is the impact of data breaches and stolen personal information?

There’s emotional distress because your personal information has been compromised. You may incur a financial loss. Institutions are damaged because they may have to pay a ransom, or there’s brand damage, and they’ll lose their reputation. 

When it comes to sabotage and state actors, you can have geopolitical consequences—where you blackmail people in sensitive positions to gain an advantage. 

How do you avoid identity theft and fraud?

First, do not share your password or any other personal information. And especially, don’t put it in emails or text messages. Instead, use strong passwords and change them. Even though multi-factor authentication may be a pain in the neck sometimes, it helps add a layer of protection when you get phishing emails, texts or calls. 

If personal information comes to you in the mail, shred it before you throw it away. Some people collect the trash. If you’re away for a long time, put it on hold. 

If you don’t recognize an expense, check it and find out what’s happening. 

All of your personal information has to be stored in a safe place. You don’t want to carry it around in your pocket. 

Also, monitor your credit reports. You can get a free credit report each year from the U.S. government. 

What do you do if your identity is stolen?

Get new cards and report them immediately to your credit card, bank or institution. Also, change your password for your emails immediately. 

Sometimes credit cards give protection against these losses, but not all. 

Password managers are not necessarily worth it. For example, I prefer to create my own and not use my date of birth or my kids’ birth date. Also, do not use the same password for everything. 

Beth Treffeisen is a Northeastern Global News reporter. Email her at b.treffeisen@northeastern.edu. Follow her on Twitter @beth_treffeisen.