‘Tis the season for celebration and togetherness.
Unfortunately, it’s also a time for identity thieves and hackers to prey on millions of innocent consumers.
The most high-profile data breaches, such as cases involving Target in 2013 and Home Depot in 2014, tend to occur during periods of elevated shopping activity — the reason December has been declared National Identity Theft Prevention and Awareness Month.
To determine where Americans are most likely to be exposed to and affected by identity theft and fraud, analysts at the personal website WalletHub looked at data from the Federal Trade Commission, the Internet Crime Complaint Center and the National Conference of State Legislatures to determine which states are most susceptive to identity theft and fraud.
The District of Columbia ranked first — followed by California and Florida — for being most susceptible.
The District also ranked tops in categories like the highest average loss amount due to online identity theft; most fraud complaints per capita; and the highest average loss amount due to fraud.
Maryland ranked fifth in the category of most identity theft complaints per capita. The Old Line State also ranked high in highest average loss due to online identity theft and most fraud complaints per capita.
According to Identity Theft Resource Center’s most recent data breach report, there have been 901 breaches with access to 34 million records this year and for the past 15 years, identity theft has consecutively been the top complaint to The Federal Trade Commission.
Experts said social media is a prime culprit in fueling incidents of identity theft.
“So much useful information is available for masquerading as someone else, whether that’s answers to security questions that are used when you lose your bank password — such as, ‘what’s your pet’s name’ — or applying for a new account with your address, date of birth and other information,” said Matthew Wright, a professor of computing security and director of the Center for Cybersecurity at Rochester Institute of Technology. “People need to both be careful about what kind of information is shared, whether publicly or even among your social media contacts, and to not use answers to security questions that are too easy to find out from a quick search.”
Sascha Meinrath, another WalletHub expert and the Palmer Chair in Telecommunications and director of X-Lab at Penn State University’s College of Communications, offered what he called a rather non-intuitive tip to help prevent identity theft and fraud.
“Lie. What I mean by that is that people should create an alternative self when coming up with answers to the myriad security questions we are inundated with,” Meinrath said. “Likewise, it is becoming more and more difficult to control basic — and very personal — information about your life whereas a fictional version of yourself can prove far more secure.”
Primarily, individuals should compartmentalize information, applications, and services, Meinrath said. While interconnecting everything together is ideal, the downside is that security is a lowest-common-denominator phenomenon — the weakest link is the greatest security any system has, he said.
“Most identity thefts take advantage of boot-strapping processes where information is gleaned via a multi-phase process of gaining access to ever-more-sensitive servers,” Meinrath said.
Most importantly, the report suggest that individuals should remain vigilant when it comes to monitoring their accounts.
District residents and others should also be proactive in resolving any red flags they find, rather than waiting on their banks or the authorities to notify them of any wrongdoing.
“I think people need to get used to the idea that their Social Security number and personal information will probably be compromised in the next few years. It may have already happened,” Matthew D. Green, assistant professor at Johns Hopkins Information Security Institute, told WalletHub. “What people need to do individually is monitor their credit.”
To fight against identity theft, the District-based WalletHub encourages individuals to step-up email security with an “especially secure password” and two-step authentication, and to leverage account alerts for all financial accounts.
Further, District residents should get an extra layer of protection when filing tax forms by applying for a six-digit personal identification number that they will submit along with their Social Security number on documents.
“Remember that having identity protection doesn’t make you failsafe, so plan for the worst when looking at service providers,” said Emily Duke, a cybersecurity and business lawyer at Duke Law Office and CyberSmart Law. “If someone is successful in stealing your identity, the time and hassle to correct the damage is huge. Look at whether providers provide insurance to cover you if creditors — not your creditors — come after you, and to pay for professionals who can help you clear your name and get your life back.”
For the complete study, visit www.wallethub.com.