Phishing is a type of cyberattack that can get you into serious trouble. Sometimes, people with malicious intent track personal information that they later use to impersonate their victims in front of companies, institutions, or even others around them. On the plus side, this type of cyber threat, like most network risks, can be avoided with a few simple precautions and using the right security tools.
However, it is convenient that you know what to do in the event of identity theft to minimize the damage in the event that this situation was to occur or if you have indications that it has already happened.
Table of Contents
What Is Identity Theft?
It is a malicious activity that seeks to impersonate another person. There are different reasons: to commit fraud, obtain data, practice cyberbullying, or obtain financial benefits through blackmail. Do not think that only famous people or politicians suffer from it, since to avoid being a victim of this type of threat, it is best not to let your guard down and always maintain certain precautions.
Keep in mind that spoofing can be done relatively quickly. For example, by creating a fake profile on a social network and acting like you are the person you say you are. This threatens anyone’s security and reputation since the account impersonating the identity could issue, for example, a defamatory statement that affects the prestige of the affected person or the distrust of those they know.
Furthermore, the usurpation can be carried out through account theft. The most straightforward technique is a brute force attack, which aims to discover the password by trying thousands of combinations until the correct one is found. If it is weak, the attacker can succeed and guess the password. Once you have gained account control, you can change the password and recovery methods. Any data or information contained in the account would be available to you.
How To Detect Account Hijacking?
There are different ways to detect that an account hijacking has occurred. Some are indirect, meaning the offender has done something involving you. For example, you could receive a call from a collection agency demanding the payment of a debt in your name or see the granting of a mortgage or loan rejected.
You may receive a confirmation email for renting an apartment or that you have made a particular purchase in a store you have never visited. Money will also likely disappear from your bank account if the criminal has taken it. And on social networks, you could see posts on your profiles that you have not made, such as a photo of people you do not know or data from your private life.
Another way to detect impersonation is by trying to access your account. If you have tried different methods and cannot enter, you may face a robbery. Before considering this situation, you must have exhausted all the alternatives. Consider this the last possible scenario since you will likely have forgotten the password.
You could also appear registered on numerous Internet platforms or, directly not have access to those you already had previously. For example, you try logging into your account from a website to view streaming content or an online store, and you can’t. You exhaust all password recovery options and still get no results. In this context, you are likely to face identity theft.
Steps To Follow In Case of Identity Theft
If you suffer from it, you cannot sit idly by but keep calm because this situation has a solution. Also, remember that both the platform where the usurpation took place and the State Security Forces and Corps will be willing to help you. We recommend following these steps to facilitate quick and effective action:
Document what is happening
It would help if you documented what is happening before you report phishing. Try to review and exhaust all the options offered by the platforms to recover your account. You must come with unequivocal proof of your situation. Get copies of possible emails, messages and screenshots of criminal acts.
In case you are unsuccessful in the recovery and have collected enough evidence, it is time to report. Get in touch with the platforms. For example, you will find links to all the available social networks on the Internet User Safety Office website. These direct you to the pages dedicated to reporting impersonation so that you will always have their support.
Alert your friends and family.
You must notify your contacts of what is happening. Not only will they witness what happened, but you will also alert them that you do not control your accounts. In this way, you avoid misunderstandings with those you appreciate, an additional problem that can lead to identity theft. In addition, they can help you maintain control over your profile by alerting other people.
Go to authority
If you know you are being the victim of a case of identity theft, do not hesitate to go to the authorities. The Police or the Civil Guard has units specialized in cybercrime. They are instrumental in severe cases where it has not been possible to recover your profiles in other ways or if crimes are committed using your name.
Remember that platforms like Facebook or Twitter allow you to report a possible usurpation. They will study your situation and act accordingly while the authorities investigate what happened and look for the people responsible. Usually, you will recover your accounts in a short time.
Guidelines To Prevent Identity Theft
Prevention is the key to protecting yourself from identity theft. Luckily, there are different guidelines that you can follow to save yourself from this severe problem. In addition, many are easy to apply but unquestionably effective.
Do not show your passwords in public.
Showing your passwords publicly is a grave mistake. Anyone who wants to hurt you will have a golden opportunity. They won’t have to go to any lengths to impersonate you, as they know how to access your profile. This is a situation that you can easily avoid by being careful. Also, if someone asks for your credentials, wait to provide them.
No platform will ask you to give them your password, which they usually inform. So, in the face of this type of request, the best option is to remain cautious and not give any information. Remember that prevention is the key to browsing safely. Just as you wouldn’t give a stranger your home address, don’t give out your account passwords either.
Do not enter secure pages.
Secure pages have different certificates that demonstrate the measures they take. One of them is the HTTPS protocol ( hypertext transfer protocol secure ), which protects the integrity and confidentiality of your data. If you enter a website that does not have it, avoid registering with them.
To check if it uses HTTPS, click on its address. It should start like this: https://. If it is not present, you are on an insecure page, potentially dangerous for you. The owner may not have activated this protocol, but try to prevent the consequences before dealing with them.
Avoid strange links
If a link takes you to a web page with misspellings, bad presentation, or that does not have the HTTPS protocol, you may be in a false one. Suspicious links can reach you through social networks, email, SMS or WhatsApp messages. If you do not know its origin or the sender must be correctly identified, do not enter them.
Use two-step authentication systems.
Your security always starts with having a strong password with a robust code (a combination of uppercase, lowercase, numbers and symbols). However, a two-step authentication system is a perfect complement to deter any criminal from accessing your accounts. Creating several protection barriers gives you greater security and peace of mind.
An example of this authentication system is the one used by banks and some web pages. The first part is a password, which you must provide, and the second consists of a code sent to your mobile phone by SMS message. This makes it difficult to remove an account since your device is needed to verify access. You can also verify your identity by email, a security question (to which only you know the answer) and biometrics (facial recognition, fingerprint, etc.), among others. In short, try to act proactively to avoid impersonating Internet identity. These situations can get complicated and lead you to lose your accounts on the network. Always resort to the platforms to find a solution and report to the Police or the Civil Guard to avoid greater evils.