Over 200 years ago, Mary Shelley sat down and wrote her famous novel “Frankenstein”. It was about a doctor who believed that he could create a new life using the body parts and organs of different dead people, brought back to life using hundreds of thousands of volts of electricity. When the movie version of her novel appeared in 1931, viewers got a glimpse of how the monster that Frankenstein created came to be: he harnessed lightning to provide the necessary electric voltage to breathe new life into his creation. The two most famous words in the movie, “It’s alive!” resonated with audiences for years, and the movie is still watched on cable today.
Baron Von Frankenstein and his horrific creation were slightly ahead of their time – over 200 years ahead. Because today, cybercriminals are doing exactly the same thing: stealing various elements from different people, both dead and alive, like their names, addresses, phone numbers, Social Security numbers, and other details and components of their personal identity and lives, and crafting them together with fictitious elements as a totally new creation. It’s called synthetic identity theft. And it’s the fastest-growing segment of cybercrime in the U.S. today.
Why Synthetic Identity Theft is so Damaging
The biggest problem with synthetic identity theft is that many cybercriminals steal elements of identity from children – particularly their Social Security numbers. In fact, over one million children have become victims of synthetic identity theft in the past year, with many under the age of 7.
The problem escalates because many victims won’t even know that their identities are being used in illegal activities until they’re much older, and apply to college, search for a job or try to buy a car. Only then will their credit show thousands of dollars in unpaid and uncollected charges, stolen bank funds and other criminal activities – all based on synthetic fraud from a cyberthief. By then, it’s too late to clear their name without jumping through extremely difficult legal and financial hurdles.
Different Types of Synthetic Identity Theft
Cybercrooks have different types of synthetic identity theft at their disposal, and which one they use will depend on how creative and technically astute they are. For the creative cybercrook, there’s Identity Fabrication – which is a persona that is totally made up with no connection whatsoever to actual personally identifiable information (PII).
The cyberthief who is a good manipulator is able to take the PII of an actual person and manipulate it in a new way, creating a new identity that has its roots in a real person. Just know that the manipulation is so extensive you’d probably never recognize the identity of the person that they came from.
The third type of synthetic identity theft is the “Dr. Frankenstein” method, (or Identity Compilation), which takes bits and pieces of personally identifiable information from real people and mixes and matches it with fabricated data that was created from scratch. As with the others, this phony identity is difficult to detect.
Avoiding Synthetic Identity Theft
To avoid becoming a victim, you have to understand where the cybercrooks get their bits and pieces of real information. Some are the result of a data breach, and there have been a lot of those happening lately, causing many IT experts to call it a cybersecurity nightmare. Another way they collect that information they’ll end up melding into a new identity is by searching the Dark Web and purchasing it from another cybercook.
One of the main ways cybercrooks get access to your personally identifiable information is by hacking into your computer – most notably due to a weak password. Most cybersecurity experts agree that having a strong password – one that is at least 12 characters long with a combination of letters, numbers and symbols – is the way to prevent password hacking and protecting data. Plus, they recommend having a unique, strong password for each and every one of your accounts. That would be an overwhelming task to try to create and remember many strong passwords, so a password manager is the best way to go. Some of the top ones include LastPass, Dashlane and Keeper.
To help prevent synthetic identity theft from becoming a long, ongoing problem, it’s smart to review your credit bureau accounts for any suspicious activity, like new open accounts appearing that you never applied for. You should review your child’s account as well, since they’re a primary target of synthetic identity cyberthieves. You’re entitled to get a free credit review each year online.
Yet another way is to purchase personal data from people-search sites like Pipl, US Search and Intelius. They offer unauthorized personal information for sale – and it’s all perfectly legal. To avoid this, you need to delete all of that data from all of the different people-search sites.
One final piece of advice: never reveal your Social Security number online to anyone you don’t know or trust. If you’re opening a credit or bank account, they will need your SSN. However, if you log in directly to a URL that you type, you will know it’s really a safe website, and not a spoofed one that some cybercrook has created.
By following the suggestions and information included above, you’ll be well on your way to avoiding synthetic identity theft.
