ID Theft Resources

Share Article
14 December, 2023
|
5 min read

Cracking the code: How scammers piece together your identity in the digital age

BC

Brenna Cleary

Principal social media marketing manager; security and privacy advocate

+ More
A hacker using a laptop to piece together personal information to scam unsuspecting victims in the digital age.

What are the unintended consequences of shared data? See how seemingly anonymized information can be deciphered by digital detectives on the wrong side of the law. 

Can you ever be truly anonymous in today’s digital world? It's easy to forget just how much information is out there about every one of us—and everything we use. Take, for instance, New York City’s yellow taxis. A few years ago, NYC generously shared a year's worth of data on cab movements, fares, and tipping habits, all neatly packaged with anonymized codes. What could possibly go wrong, right?

Enter civic hackers, digital detectives who embarked on a mission to unravel the seemingly secure anonymization of those iconic yellow cabs to prove a point about shared data. And, surprise, surprise, they succeeded. But their mission didn't stop there. They took it a step further, weaving together public camera access and social media breadcrumbs to track the movements of public figures—finding out where they travel, work, and live.

Scary, right? This is a lot like how identity theft works.

Picture this: your credit card number is lifted from the dark web, your home address is plucked from public listings, your mother's maiden name is unearthed from a genealogy website, and your email discovered through a seemingly harmless social marketplace post (guess selling that couch for $200 might not have actually been worth it).

It's all a puzzle, and scammers are excellent puzzle solvers. Determined scammers piece together the mosaic of your life, inch by inch, until they have enough to pull off a crime. So, how do they get all this info...and what can we do to stay better protected?

The dark web's dark corners

Shady characters lurk in the expanse of the dark web. Your credit card number, the golden ticket for many scammers, often finds its way into this digital underworld. According to a recent study, the dark web is flooded with stolen credit card details, with millions of records up for grabs; there’s about six million out there, with more than half belonging to those in the U.S. These nefarious marketplaces run like digital black markets, allowing scammers to buy and sell sensitive information with a few clicks. It's a wild bazaar, and your credit card is a hot commodity.

So, how can you keep your information out of this dark, dingy place? To begin, always use strong passwords along with two-factor authentication. Avoid using public Wi-Fi to access financial information or make online purchases. Check credit card statements carefully to watch for suspicious activity. It all comes down to being more cautious with your credit card information and more aware of the potential dangers.

Another simple way to boost protection is with Dark Web Monitoring notifications. If a monitor finds any information of yours on the dark web, you're notified immediately so you can act quickly. When you subscribe, it defaults to monitor your email address, and a one-time historical dark web scan is run—looking all the way back to 2008—to determine if the information you provided has ever been exposed. Moving forward, ongoing scans are run to keep an eye out for exposed information.

Public listings: Home security needs a digital upgrade 

Scammers don’t just lurk on the dark web though. Your home address is just a click away for those who know where to look. From census data and property records to the voter registration database, your address can be found with as little information as your name.

Scammers also use obituaries, credit reports, your delivered mail, data breaches, old or lost devices, directories, social media, and more—your address could be discovered in places you haven’t even thought of. It’s crucial to be mindful of what information is out there for the world to see.

So, how can you keep your address as secure as the deadbolt on your home? There are a few ways to lock it down, but the most important are to use common sense and use privacy settings on social platforms.

Be aware when posting to a social media marketplace, think before posting that pic of your house’s new paint job, avoid the playful surveys where you share a piece of personally identifiable information, or PII, in order to “find out your DJ name.” Further measures include using a P.O. box, creating a virtual address where you pick both a physical and digital location for mail to be delivered, or opting out of certain public records—depending on your state.

Genealogy websites: The family tree unraveled

Your mother's maiden name is commonly used as a security question in some apps and on some sites. With the rise in at-home genetic testing since 2017, everyone is becoming much more vulnerable to scammers easily finding these bits of personal information—and much more.

In fact, according to an article from The Street, around 1 in 5 adults have taken at-home genetic tests in America. The bottom line is that while discovering your ancestry is fascinating, it's essential to recognize the potential dangers of all that information being on the web. The breadcrumbs we leave on these websites can lead scammers straight to us.

So, how can you keep it all in the family? First off, stop using family names in your passwords. If you are having trouble remembering your passwords or need an encrypted solution for creating and storing strong ones, it’s time to look into a Password Manager.

Secondly, make sure you familiarize yourself with any company or website you use for DNA testing or genealogy research to make sure it’s legitimate. It’s especially important to check their privacy policy to make sure your information isn’t being displayed where you don’t want it.

Lastly, a tip from Family Tree Magazine: avoid posting the names, birthdates, locations, or any photos of living relatives without their permission. Not only does it safeguard personal information, but it’s also good online manners.

Social media: The modern-day diary

The deluge of data a scammer can sift through on a DNA testing or genealogy site is nothing compared to the information many of us serve up on a silver platter on social media. Don’t worry, we’ve all done it, we’ve all been there—but it’s best we change our ways now. The FTC calls social media a “gold mine for scammers” after consumers reported losing $1.2 billion to fraud through various social media and video streaming platforms in 2022.

Your email, often used as a login credential, becomes a valuable piece of the puzzle and, like mentioned previously, so does that survey using personal information so you could find out your DJ name, that pic you posted of your freshly painted house, even that couch you sold on the marketplace. Everything you share is another inch for scammers to gather and could be the missing link in their grand scheme.

So, how can you keep your ‘gram alive or your TikTok tickin’ without the overshare? Be cautious and, again, use common sense. Don’t post addresses, phone numbers, sensitive information, or full names—be it in words or pictures. Think before you post. It’s also good to remember not to open links that might be a phishing scam, and definitely don’t trust messages from people you don’t know, especially if they’re asking for something.

For added protection, LifeLock Ultimate Plus offers Social Media Monitoring and lets you know If we suspect  suspicious activity, like changes to your account settings or potentially dangerous links. If you’re going to keep up your digital lifestyle, it’s best to stay aware of what (and who) might be creeping.

While these four areas are a good place to start when thinking about how to protect your identity, they don’t cover everything. It’s just as much of a puzzle for you to cover your tracks as it is for scammers to find them.

It's a reminder to be vigilant, to safeguard our digital footprints, and to stay one step ahead of those who want to exploit us. So, keep those passwords intricate, adjust your privacy settings, and embrace the power of discretion in the digital age. If you’re going to stay connected, be protected . And, piece-by-piece, we can help prevent scammers from putting together the puzzle of your identity. 

Editorial note: Our articles provide educational information for you. NortonLifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.

Dropbox Not Hacked, But Your Account May Have Been Compromised
Dropbox said no breach had happened on its servers. “Your stuff is safe. The usernames and passwords…were stolen from unrelated services, not Dropbox.
Read More
Can Your Identity Be Stolen With Only a Name and Address?
Stay informed about the latest identity theft news and stories about what law enforcement and elected officials are doing to protect consumers from becoming victims.
Read More
Child Identity Theft by a Parent: What You Need to Know
Stay informed about the latest identity theft news and stories about what law enforcement and elected officials are doing to protect consumers from becoming victims.
Read More
Debit vs. Credit Card ID Theft
Most credit card companies allow 90 days for a victim to report an unauthorized transaction, while banks generally require a two-day notice for unauthorized debit card purchases.
Read More

Start your protection,
enroll in minutes.

Get discounts, info, protection tips, and more

Sign up for promotional emails