The Emerging Trends in Identity Theft Scams

After hitting an all-time high in 2021, identity theft held steady last year, according to new data from the Identity Theft Resource Center.

In its second annual report looking at identity crimes against individuals, the group says there were 14,817 reported instances of identity theft in 2022 compared to 14,947 in 2021, a decrease of less than 1%.

While the numbers are hovering near record highs, there are some trends emerging which could push this year’s numbers higher, as bad actors come up with new methods.

• Social media takeovers remain a big, juicy target for identity thieves. What started as a developing trend in 2021 exploded as scammers found new ways to convince people to share personal and business information (often pretending to be a new or existing personal relationship). This impacted both individuals and small businesses.
• Beyond just collecting information through data compromises, the thieves are also misusing data in new ways. While social media accounts were the primary type of account compromised in the past year, roughly 30% of existing account takeovers and 62% of new account creations impacted financial accounts, both banks and credit cards.
• Driver’s license accounts are increasingly a target. In 2021, DMV accounts made up 4% of government accounts that were misused or taken over. The number increased to 15% in 2022.

An increasingly popular tool of scammers last year was Google Voice. Some 61% of the victims who reported an identity theft crime fell for a scam using that tool, compared to 53% the year earlier. In those scenarios, scammers act like interested buyers when people try to sell something online, convincing the victim to share their Google verification code to create a fake Google Voice account in their name. That can then be used to trick others.

The ITRC has received reports of people selling puppies, looking for lost pets and renting out rooms getting calls asking to provide the Google Voice verification code to prove they are legitimate. These too are scams.

Victims of color suffered more financial losses than other identity theft victims, the ITRC reported. And overall transparency is still a significant problem in this sort of crime, indicating it’s much more widespread than the number indicate.

Officials at the organization note that official reports about attacks continues to get worse. Data breach notices, when filed, often lacked details about how companies were compromised and victim details. Only 34% of the reports, in fact, contained that information.

“In the U.S. there were an average of [nearly] seven breach notices issued each business day in 2022,” Eva Velasquez, president and CEO of the Identity Theft Resource Center, said in January. “Compare that to the 356 breach notices issued each day in the European Union during 2021, the last year for which data is available.”

There is some light in the tunnel. The White House recently unveiled a Presidential Planning Document, which highlights the need for government agencies and nonprofits like the ITRC to work together to help victims who don’t know what to do next.

“We look forward to working with our nation’s leaders to bring the vision of improved services for identity crime victims to reality,” said Velasquez.

The views and opinions expressed herein are the views and opinions of the author and do not necessarily reflect those of Nasdaq, Inc.

Other Topics

Cybersecurity Social Media Companies