Your Bank > Education and Advice > CNB University

Identity Theft 101 & Best Practices

By Ryan L. Kaiser, CFE, Assistant Fraud Risk Manager, Canandaigua National Bank & Trust

During the first two years of the COVID-19 pandemic, reported incidents of fraud and identity theft increased in frequency substantially. According to the FTC, identity theft complaint frequency rose 113% year-over-year during 2020, with 33% of adults in the United States experiencing some form of identity theft. During 2021, complaint volume grew again, with identity theft comprising about 24% of the 5.9 million overall complaints related to fraud. During this time, the most common complaint types involved government documents / benefits fraud.

For the first six months of 2022, the FTC has reported a mild reduction in year-over-year identity theft complaint volume. 604,000 incidents were reported year-to-date, with schemes most commonly involving credit card fraud attempts. Despite this mild decrease, clearly, identity theft is a problem that is not going away anytime soon. Review the following methods utilized by bad actors to steal identities and consider the following best practices!

How Are Identities Stolen?

  • Lost wallets or purses – easy access to credit cards, debit cards, social security cards, drivers’ licenses, and other sensitive documents.
  • Mailbox theft – checks, bank statements, and other sensitive account information can be obtained by bad actors through simple theft.
  • Public Wi-Fi hacking – unsecured connections shouldn’t be utilized for shopping, banking, or sensitive transactions, as information can be intercepted by fraudsters!
  • Data breaches – according to the Identity Theft Resource Center’s report on 2021 breaches, there were over 1,800 unique data breach events throughout the year.
  • SIM card swaps – fraudsters take over a phone number without authorization from the consumer.
  • Phishing, SMShing, spoofing – bogus outreach attempts via email, text message, or phone call which aim to trick consumers into turning over personal information.
  • Skimming – the act of fraudulently obtaining credit card information from a device installed at a gas pump or ATM.
  • ‘Shoulder surfing’ – fraudsters can obtain passwords or card numbers by looking over your shoulder or watching you type on your device.
  • Malware – opening a malicious email attachment or link can deploy software on your device, such as a keylogger. Once installed, bad actors use this information to steal usernames, passwords, and other sensitive information.

Best Practices for Protection

  • Trust your gut – if you receive an unsolicited phone call, text message, or email and something seems ‘off’, you are probably correct; do not engage!
  • Check financial or bank statements regularly, reviewing judiciously for unauthorized / irregular activity, transactions that you did not initiate, or anything else that seems out of the ordinary.
  • Check credit reports regularly for potential fraudulent loans or lines of credit opened in your name.
  • Use strong, complex passwords, which are frequently updated.
  • Do not use the same password for multiple accounts.
  • Use multi-factor authentication on accounts where it is available.
  • Be cautious about what information you share online via social media; consider adjusting your privacy settings on social media profiles.
  • Avoid social media quizzes which poll users for specific personal information - fraudsters can leverage this data to commit identity theft!
  • Consider going paperless for bills or account statements to mitigate potential document theft risk.
  • Safely dispose of old or outdated documents containing personal information, such as old credit cards, tax returns, medical records, bank statements, or utility bills.

If your identity has been stolen – consider the following steps –

  • Contact the companies where the fraud occurred to inform them of the incident.
  • Report the incident to the FTC.
  • Consider setting up a credit freeze or block with the credit bureaus for protection moving forward.
  • Consider having your devices checked by an IT professional for potential malware/virus threats.
  • Change applicable passwords.
  • Notify your bank.
  • Consider closing an account and opening a new one if the incident occurred with a service provider you do conduct business with.
  • Report the incident to law enforcement if you feel inclined.

Our Commitment to Help Protect You

Questions related to identity theft or fraud? Feel free to contact us for additional information.

  • CNB Security Center contains relevant fraud articles and resources.
  • CNB offers customer-centric seminars hosted throughout the year-
  • Certified fraud professionals are available to assist when you need it.
  • Follow us on social media to stay up to date on emerging trends and fraud threats.