Identity theft

What is it?

Identity theft

Case study – read a real life example of how identity theft could impact you

It can seem like almost every activity online requires you to create passwords, usernames and give personal information about yourself. Sometimes this is because sites want to keep you secure and protect your identity or because they offer a social networking service.

Unfortunately there are criminals searching for people who give away too much information about themselves. They often use what is called ‘social engineering ’ to trick people into giving away too much information.

If other people are giving personal information on social networking sites you could feel pressured to do the same.

Trust your instincts when people contact you online or over the phone, make sure you verify who it is you are speaking to and don’t be afraid to say ‘no' or to simply hang up and end the conversation without giving a reason.

Social networking

Sites like MySpace, Facebook and Friends Reunited are great for chatting with friends and creating social networks online. It can be tempting to use the same passwords for all these sites or create usernames that are obvious and easy to remember. Remember if you do this and a criminal breaks one of your passwords they then have access to everything.
Find out more about staying safe whilst using social networking sites.

Protect yourself

Here are some simple steps you should take to protect your identity from fraudsters when you’re:

1. Printing personal documents

Protect your post, and anything you print from the internet, just like you’d protect the contents of your wallet or purse. And if you move home, make sure you use the Royal Mail redirection service.

Read your statement as soon as you receive it, and report any transactions you don’t recognise.

Store statements, bills, and confidential letters securely, like you would your valuables.

Shred any personal documents you no longer need.

2. Out and about

Be wary of ‘shoulder-surfers’ – people behind you in queues at the till or at the cash machine, trying to see you enter your PIN. And when you hand over your card to make an in-store purchase, don’t let it out of your sight.

Don’t use the ATM if you think it’s been tampered with, and report your suspicions to the bank.

Keep your wallet, purse, mobile phone, organiser, house keys – any personal effects – out of sight and reach.

3. Online and over the phone

Use different PIN's and passwords for each account or application, and never tell anyone what they are or give them over the phone. Halifax would never ask for your full PIN or password.

Avoid using the ‘auto complete’ option when completing forms online. The software is easy for thieves to access.

Look out for phishing emails, which appear to come from financial institutions asking you to confirm account details. You can usually report these emails to the financial institutions they claim to come from and help close the net on fraudsters. Halifax never asks customers to confirm account details by email.

Update your computer’s anti-virus software and firewall settings regularly.

Be careful using internet cafés, forums, chat-rooms and social networking sites – fraudsters often use them to try and access personal information.

Be wary of unsolicited phone calls, emails and visits to your home. With ‘friendly sales calls’, always ask for the caller’s number and verify the company name.

Report it

How to report a fraud

If you think identity fraud has caught up with you, don’t panic. Here’s what to do:

  • Call Halifax on 08456 02 00 00 if it concerns your Halifax account
  • Contact your local police
  • Contact any other banks or credit card companies you use to cancel cards and accounts
  • Contact a credit reference agency to check your credit status

Remember - if something seems suspicious it is possibly fraudulent. By taking extra care of your personal information, you can really help reduce the risk of identity fraud. And if it does happen to you, rest assured, there’s plenty of help and advice - you’re not alone.

Corporate fraud

If you are a business owner or employee responsible for security, finance or IT, there are some key ways you can reduce the risk of identity fraud:

  • Check the identity of every new customer. Use reputable credit reference agencies.
  • Introduce and stick to strict procedures for disposing of documents containing any company information – shredding information continues to be one of the best ways of disposing confidential information.
  • Store sensitive documents in a safe place and limit access to only the employees who need it, to ensure information is not falling into the wrong hands.
  • Keep company accounts out of the public domain to ensure fraudsters can’t obtain sufficient detail to facilitate an attack by impersonation.
  • Update information security regularly, using the latest versions of computer firewalls and anti-virus software. This is crucial in staying one step ahead of corporate fraud.
  • Encrypt important information for extra security, this allows only authorised users to access them. This can be a powerful guarantee of privacy and security.
  • Have a clear change control process to ensure that requests to alter payment details are genuine and not someone impersonating your customers.
  • Make all staff aware of the risks of corporate fraud, and the procedures in place to tackle them.

More information

Identity Fraud case study - Marc, a 22 year old assistant manager, never gave much thought to Identity Fraud until he received an email from a bank telling him that his ‘application for a credit card was being processed’.
Marc hadn’t applied for a credit card so he contacted the bank immediately and cancelled the application.

Unfortunately the criminal – who had got hold of Marc’s date of birth, email and postal addresses among other bits of key information,– had applied for other loans and credit cards and Marc continued to receive emails alerting him to new applications under his name.
Marc contacted the police.  He was extremely worried about the extent of the criminal’s activity and the effect this would have on his credit score.  It was time consuming to cancel each application and get them removed from the lenders’ records.

Marc joined a credit reference agency to check his credit report.  He then  found further applications in his name that were fraudulent.  The agency stepped in to help Marc, and a note was attached to his credit report explaining that he had been the victim of attempted ID Fraud.

Marc said “Before this happened I never thought twice about ID Fraud and certainly didn’t think I’d end up becoming a victim of it.  I’m now extremely vigilant about getting rid of my confidential information to make sure that it’s not out there for criminals to exploit.

Follow our surf safely rules when accessing the internet on any computer, phone or mobile device.

Further information about identity theft can be found at www.identitytheft.org.uk*. This in-depth website has been produced by the Government and a number of leading public and private companies to combat the threat of identity theft.

*Links to external sites are provided as part of our commitment to making online banking safe and secure. However, we cannot accept responsibility or liability for the content or availability of external sites. We cannot guarantee that any software downloaded from these sites will work, or be free from viruses or malicious code.

You are here:  Home > Security & Privacy > Security > Common threats > Identity theft