Your Identity May Have Already Been Stolen

2438005410_6100c23246This is a follow up to a previous article.

Identity theft is a growing problem in our world.  Recent reports are indicating that identity theft is occurring more 5x more often than last year.  With such a high growth rate in identity theft you would think that the safeguards on your identities have improved as well.  In some cases this is true, newer credit cards are starting to include pictures, and more checks are being made before giving people access to your money.

Did you know that your online identity is wide open for people to access and steal?  Anyone with Internet access has the ability to sign up for an account on any one of hundreds of social networking sites.  To test this out I recently signed up for a twitter account.  I was creating this account for myself, but I could have just as easily created an account under any name.

A twitter account is surprisingly easy to sign up for.  All you need is 10 minutes, your name, a user name, and an e-mail address.  This is all it takes to sign up to almost any social networking site.  With just 10 minutes I could be pretending to be Ashton Kutcher or President Obama.  Just imagine the damage someone with ill intent could do to your reputation should they so desire.

Just today I found a faked twitter account created by someone pretending to be a member of parliament in Ireland.  This person was using the account to spout random garbage and generally slander the person they were imitating.  Likely, this person thinks they are being funny, and chances are they don’t understand that doing such things can actually be considered criminal.  Yet, the damage done in “fun” is exactly the same as the damage done when not being “funny”.  I have even heard of people who register your name so they can hassle you directly.  By being in control of your name at a popular social networking site an attacker can attempt to extort money or other favors from you to turn over the name.  Often, due to the terms of service, you will have no choice but to change your user name, pay, or sue the social network.

The important question to ask yourself is how do you stop this from being you.  Since the Internet is relatively unregulated in any meaningful way, you will need to take steps to protect yourself now.  You will also need to take steps to ensure you continue to be protected.

The first and most important step is to sign up for every single social networking site you know of.  Even ones that are not popular yet (or may never be).  Services such as Facebook and Twitter didn’t start out popular, don’t underestimate a social network.  Since this can take a lot of time and effort to keep track of and manage you will want to create a spreadsheet or use a password manager to keep track of where you have signed up.

At a minimum place basic identification information in your new user accounts to mark them as yours.  Check back every 1-3 months just to keep the account fresh and prevent it from being automatically deleted.  Remember you don’t actually have to use these accounts, you are mostly attempting to ensure that your brand and user names will not be stolen by others.  If necessary, sign up multiple accounts per service for each brand or company you are protecting.

The next step will be to monitor these sites occasionally for people spoofing or attempting to be you.  This is a huge issue for celebrities, but it can also be an issue for lesser known icons as well.  Often, it can be a problem because the attacker knows you won’t have the financial resources to pursue them in court.

If you detect someone trying to be you.  First make sure it isn’t someone who incidentally has the same name as you.  Then (if you are sure) you will need to contact the social network directly to report the fraud attempt.  Do not under any circumstances contact the potential fraudster directly.  That will only provoke them.  Fraudsters are often far more technically savvy than the rest of us, they may do any number of nasty things to you if provoked.

The final step is to ensure you have secure passwords.  Using the same password at every site is very likely to cause you issues in the long run.  I personally use long and completely random passwords.  This ensures the likelihood of someone guessing my password is so close to zero I don’t think I can count that small.  If your passwords are all the same it is possible for an attacker to find your password by going after a poorly protected site and then using it to compromise your more public accounts.  They may even be able to access your bank account and other sensitive information, should you be using the same passwords for those accounts as well.

Finally, relax.  You have taken reasonable steps to protect your brand and identity.  Now you can either return to what you were doing before, or, start learning about these new social networking sites you signed up to.  You may find that you like it, I have.

One thought on “Your Identity May Have Already Been Stolen”

Leave a Reply

Your email address will not be published. Required fields are marked *