Identity theft is when a criminal steals information in order to use your identity and this crime becomes identity fraud when used for financial gain. A huge 91% of identity fraud cases reported in 2021 took place online* meaning that businesses and anyone who uses the internet need to learn more to protect themselves against identity theft. Our recent identity fraud report revealed that identity fraud made up 52% of all fraudulent activity in Q1 2022.
Here at Veriff we are passionate about making the online world safer and have a number of products such as biometric authentication to make things more secure for consumers online. We also wanted to get a better understanding of where and what we are Googling the most when it comes to identity theft so we analyzed Google search data between May 2021 and April 2022 to give insight into what people are worried about online. We then spoke with an online identity expert to reveal how we can protect ourselves against these things.
What identity theft queries are the US searching for the most?
We can see that the US is Googling phishing (which is where emails are sent pretending to be from a business in order to encourage people to reveal personal information) and social media hacking far more than online banking hacking - despite the potential financial risk associated with online banking.
There are lots of things we do online that criminals can take advantage of and when it comes to stealing identities there are a few places which have a lot of information criminals can use: our email accounts, social media and online banking.
Despite the financial dangers associated with online banking hacking - when we look at what people are Googling the most around identity theft we can see that people appear to be much more interested in learning more about email hacking and social media hacking. One reason for this could be that there are so many different types of social media, from Twitter to Instagram which encourage us to share more personal information online than ever before. It’s interesting to see the people in the US more worried about our TikTok and Snapchat being hacked over our bank accounts.
Google search data shows that the most commonly searched term is ‘phishing’ with 2,235,000 searches over the past year. Phishing is where emails are sent pretending to be from reputable companies in order to encourage people to reveal personal information including passwords, addresses and credit card numbers. It can be difficult to spot a phishing email and they are often disguised very well and can seem legitimate. It’s unlikely a real email would ever ask you to enter your user name, password or banking information - if you’re concerned, reach out to the business through another channel to verify the email. Businesses can use Veriff’s ID verification software to confirm who people are within seconds, thanks to AI-powered ID Verification software which looks at over 10,000 IDs, from over 190 countries, across 45 different languages.
The second most commonly searched term is ‘Facebook hacked’ which received 483,600 searches, followed by ‘Instagram hacked’ at 401,000 searches, ‘Snapchat hacked’ (209,700) and ‘WhatsApp hacked’ (57,100).
We share more information than ever on social media and our accounts often have a large network of friends and family who can also become targets of criminals who gain access to our accounts - it’s crucial to keep your account as safe as possible.
Where in the US is searching the most about identity theft?
Looking at the US as a whole we can see that there are incredibly high search volumes for identity theft queries in every state, with the majority of the biggest searchers concentrated in the Northeast states.
Vermont comes in the top with 10,320 searches for identity theft queries for every 10,000 people living there. According to a recent study by SafeWise, 78% of Vermonters feel safe in their state - beating the national average by 42%. In second place is the District of Columbia (10.237/10,000), which saw a 28% increase in crime between 2021 and 2022, so it’s not surprising that residents are searching more for ways to protect themselves. In third place is Colorado (10,166/10,000), followed by New Jersey (10,162/10,000) and New York (10,161/10,000).
The states which have Googled identity theft the least are South Dakota and Mississippi both coming in at 10,065 searches per 10,000 people. In the SafeWise study, it was reported that South Dakota’s level of concern around crime was 30% lower than the rest of the country, despite having a relatively high crime rate - which could explain why there is little search interest in these terms. Mississippi has the third highest murder rate in the US so residents may be more concerned with violent crime compared to internet crime.
Expert advice on how to keep yourself safe online
We wanted to get more information about the best ways to protect ourselves online, so we spoke to James Walker, CEO of Rightly, an independent consumer data action service committed to championing consumer rights and helping people police, control and manage the personal data held by organizations and he offered some tips on the best ways to protect yourself from identity theft online:
Use multiple email addresses
- Create a second email account that you use when shopping online, registering for online services, and all those other unnecessary boxes. That way, only an essential few companies have your primary email address, and you minimise your chances of being hacked, involved in a data breach or being the victim of identity theft. Plus, all those scam emails you receive will go straight into your second inbox.
Avoid the ‘third parties’ box
- When you sign up to a website there is often a tick box about sharing your data. Make sure you avoid ticking this. Sharing with third parties is vague and most often simply allows companies to share your data with unidentified others and make a profit from your personal information.
Use different passwords
- Never use the same password for different sites. Consider a password vault where you remember one password and then have all your passwords in that vault. All the passwords you then use can be highly secure and unique so if a website is breached only that password will be compromised.
Use + after your name
- On emails, if you add + before the @ sign you can “tag” the website to find out who has shared your data so johndoe@gmail.com becomes johndoe+websitename@gmail.com, now if your data is shared and added to another email list or to a spam list or even a fraud attempt you will know who shared it.
Use an Alias email
- Apple will now allow you to use an alias email so the firm does have your real email address.
Misspell your name
- Misspell your name or use capitals when sharing data with sites you are concerned about. This way, if your data is shared with scammers, it’s significantly harder for them to steal your identity. Plus, future scam emails that you receive could be highlighted by the wrong spelling.
Minimize cookies
- When you visit a website for the first time you will be asked to accept cookies. In essence, cookies act as trackers, storing and sharing snippets of information about you. While some of these are necessary, like ‘functional’ cookies that store your login details and help websites improve, many share personal information about you. This includes the websites you visit, what you buy, and what characteristics you likely have. Always choose the minimum cookies option to reduce the data being captured on you.
Consider your browser
- There is a whole range of internet browsers to choose from, many of which are built for privacy. DuckDuckGo for example has best-in-class privacy essentials for free. There is also a whole range of new technologies coming out that are designed to help you know if a website can be trusted. One of these is Browser, a community-led app that uses several databases of fraudulent websites to advise you.
Regularly check if you’ve been hacked
- Make a habit of checking if any of your information has been breached. You can do this for free at haveibeenpwned.com, which checks your email against databases on the dark web. You can then change key information and passwords to prevent being hacked or scammed.
Online data protection services
- Use online data protection services: Use services that help take back control of your data, such as Rightly Protect, which can make multiple data deletion requests to companies (visit right.ly for more information).
How can Veriff help
Veriff is a global online identity verification company that enables organisations to build trust with their customers through intelligent, accurate, and automated online identity verification. Our technology helps to match a person with their government-issued ID. Knowing the identity of your customers and users helps to protect users and children in the metaverse.
Methodology
We curated a seed list of the most common identity theft scams and queries by looking at a number of news articles and by using Google Trends Explore and ahrefs keywords explorer.
Next, we found the search volume for each of these scams using Google Keyword Planner in the US and we looked at which states were Googling identity theft queries the most, between May 2021 and April 2022.
We then spoke to an online safety expert to reveal simple changes we can make to protect ourselves from some of these scams.
