Have I been a victim of identity theft?


Published on

Weird things are happening to my emails and I fear my identity has been hacked and misused. What are the signs?

Pure Hacking, a company that specialises in flushing out hacking, says over 1 million Australians have been the victims of identity fraud, so your experience is being shared by many.

Pure Hacking's Ty Miller says there is a range of key indicators for being hacked. You may find yourself locked out of your email addresses and no longer able to access your social networking accounts, and money may have disappeared from your bank account.

identity theft identity fraud

In many cases you may start receiving emails from new sources, signing you up to spam addresses and pre-paid subscriptions. You might find one Monday morning that you receive a raft of angry emails from acquaintances and friends asking if you sent that email link signing them up to a course of Viagra. Mostly hackers' main objective is to get their hands on your money or to obtain loans in your name, so checking your bank statements is a good start.

When you think about the amount of information stored in your computer or iPad and what you have revealed about yourself on Facebook and other social media, it is easy to see how your profile could be stitched together and misused.

Your computer contains your email address, records of online purchases complete with credit card details, websites you visit, ISP connections and accounts, social networks you use, blogs you may write or subscribe to, social media accounts and your friends from those accounts, Skype address, instant messaging links, web mail links, where you are physically located, your causes and any YouTube uploads.

With people sending, receiving and storing everything from personal photos to work-related documents and bank statements, email accounts can be a potentially lucrative gateway for criminals trawling for personal and corporate information.

And it's not just your computer that you need to protect. These days your phone doubles as a wallet, ID card, your email and your family album, putting sensitive information at risk if the phone is lost or stolen.

Many social media users disclose personal information online, such as birth dates (maybe through a birthday celebration post), family and pet names, where you are holidaying and images with GPS geodata embedded.

It takes a hacker with automated tools only 60 minutes to hijack this information and take control of your identity. Criminals can gain access to everything in your inbox, they can reset your passwords for any online site and may click on the "forgot my password" link to intercept those emails and effectively lock you out of your own accounts.

What else does my email account reveal about me?

It discloses to a hacker the number of sites they can hack. Some free email offerings are much easier to compromise than others and they can be a back door into other linked email accounts, corporate networks and websites that also rely on the same password you use for your email account.

Social media accounts can reveal a high level of personal information such as your profession, work and education history, personal interests, marital status and your friends, children and contacts.

I frequently buy goods and services online with my credit card. Does that pose a risk?

There are still many retailers processing credit cards that are not compliant with international data encryption standards. To make sure you are not exposing your credit card details to hackers, it is wise to use PayPal rather than directly entering your credit card details on an insecure site.

If using a credit card to pay, it is best to use one with a low credit limit, such as $200, so that if it is hacked you stand to lose that amount rather than thousands.

What can I do if I suspect I have been hacked?

Suspicious items appearing on your bank statement should be investigated by your bank so that it can begin the process of recovering any stolen funds. Then reset all your passwords and codes for your email accounts and for anything requiring a password. Install or run your anti-virus software on your PC and mobile device to detect any malware.

Who should I contact?

Your bank or credit card issuer to stop the money flowing out of your account.

What other preventive steps can I take so it doesn't happen again?

Use different passwords for different accounts, don't open attachments or emails from people you don't know and watch out for phishing scams. Be selective about social media postings and disclosing personal information and use the privacy settings for all your accounts.

Don't accept invitations to join social networks from strangers and if you are no longer using a free email or social media account, close it. You can use a password database such as KeePass to manage your passwords securely. Use complex passwords and avoid using names of children or pets.

The devil is in the detail.

Get stories like this in our newsletters.

Related Stories