protonmail

ProtonMail added an encrypted calendar to its encrypted Gmail competitor

Previous year Google faced a hefty fine of $170 million by the Federal Trade Commission following the investigations into Youtube over alleged violations of children’s privacy law. The scrutiny on Google is potentially increased that how it collects and utilizes the consumers’ data and information.

Many people are looking out for some alternative to Gmail because of privacy concerns. ProtonMail is efficiently utilizing this opportunity to grab the attention of users who want to wean themselves off Google. It has recently launched an encrypted calendar “ProtonCalendar” through which paid users can privately manage their schedules in a calendar.

ProtonMail is previously renowned for its encrypted mail services. Currently, the encrypted calendar is only available with a paid ProtonMail plan. But the company is planning to launch this calendar for all the users in the near future. The company wrote in its blog post

“We believe everyone has the right to plan dinner with friends without announcing to Google who will attend,”

Google has faced allegations from its own employees that it was using some browser extensions to spy on them; however, these accusations were declined by the company. In 2017, Google stopped scanning user’s emails for advertising, ProtonMail still claims that some parties use calendar data for target advertising.

Calendars are a lot more than just organizing tool as ProtonMail writes in their blog post

“For the longest time, to easily organize these events, you had to let large corporations monitor these special moments. These companies snoop on your calendar and use that information to inform their advertising. A calendar is more than just a tool. It’s a record of the moments that make up your life.”

ProtonMail is still in its basic beta version. The company ought to add more advanced features and then launch it in the future. The new features will enable the users to invite other users and share their calendars with other ProtonMail users.

 

Google Warns 12,000 Victims of Government Hacks

Google Warns 12,000 Victims of Government Hacks

In just three months, from July to September 2019, Google sent out 12,000 warnings to people who were suspected of being targeted by a government-backed hacking attempt. Google’s Threat Analysis Group revealed in a blog post that during the three months from July to September this year, users across 149 countries were warned that they were targeted by government-backed attackers. The majority of the users were in America and 90% were targeted with phishing emails that were trying to steal the login details for Google accounts of users. 

Google’s Threat Analysis Group (TAG) serves to counter targeted and government-backed hacking against Google and its users. According to Google, the data was consistent with the number of warnings sent in the period of 2018 and 2017. This meant that the nation-state hackers didn’t step up their level of attacks. 

The Threat Analysis Group has been tracking numerous government-sponsored hackers, most prominently a group called Sandworm. The US government considers Sandworm a Russian-backed crew that was responsible for the catastrophic NotPetya ransomware attacks of 2017. In November 2018, Sandworm was targeting Android users. 

High-risk users like journalists, human rights activists, and political campaigns are advised by Google to use their Advanced Protection Program (APP). It bundles secret keys onto USB and Bluetooth devices that the user connects to their device after entering the password for their Google account. The hacker has to have access to that physical key to get access to that account even if they have the login password. An average user can also use that same kind of protection who is particularly concerned about their privacy and security. 

Cybercrimes Rise

Cybercrimes Rise 5 times in 4 years and Continue to Soar!

 A rapid stride in the tech world over the years has increased cybercrimes immensely. According to a report, cybercriminal activities have clamped up 5 times in 4 years.  Since the usage of the internet is increasing with every passing day this internet connectivity has clamped up the volume and pace of cybercriminal activities. It is a challenging task to keep the pace up with new technologies, security trends, and threat intelligence. 

In order to protect information and other assets, it is necessary to take precautionary steps to avoid falling prey to cyber-attacks which are of many types. For instance, identity theft in order to gain sensitive information that is typically protected, credit card fraud, Ransomware which is demanding a payment to decrypt the locked computer or software, phishing in which fraudulent emails to steal sensitive data. Cybercrime in recent times has taken a curious turn with the character assassination of individuals and multi-crore frauds by lurking its way through popular social media platforms.

Cybercrimes- Calling out a set of Perils:

The use of cybersecurity can help prevent cybercrimes, data breaches, and identity theft and can aid in risk management. The protection of internet-connected systems, including hardware, software, and data from cyber-attacks is referred to as cybersecurity. Cybersecurity is a technique of protecting computers, networks, programs and data from unauthorized access or attacks that are aimed for exploitation. Protection of the usability, reliability, integrity, and safety of the network comes under network security. 

At the global level, the U.S. is taking giant strides forward in terms of implementing cybersecurity. In 2017, two cybercrime major incidents brought down government networks that sent an alarming signal. The need to implement reliable and impenetrable cybersecurity systems received an added push. 

Trends in CyberSecurity:

 

In the wake of the growing sophistication of cyber adversaries, the unprecedented volume of attacks and increasingly lethal IT security threats, coupled with stricter regulatory mandates, there is a pressing need to cope up with IT security more than ever in this new year. Here are some cybersecurity trends at a glance:

 

  • Tracking Shadow IT Inventory

 

Software programs and applications which are not approved by enterprise IT but still running on user devices will be more liable to exploit shadow IT resources. As businesses increasingly embrace software as a service (SaaS), norms are becoming somewhat lenient as users enjoy greater freedoms with their own devices. But it should not be happening by putting cybersecurity at the stake. In digital transformation, businesses will need to take steps for security and constantly monitor user access rights and permissions for any possible regulations.

 

  • User Awareness

 

Businesses need to keep their eyes peeled for any potential risk that can come from their own users. This may include potential harm arising from a sophisticated phishing scam or a user’s lack of awareness in fulfilling a mandate, resulting in data loss, identity theft, etc. Users are always the weakest link in the security chain of business. So it’s crucial to give user awareness training for cybersecurity. 

Just by the employment of next-gen security measures will not help in doing what’s necessary. There are a variety of incidents where users violate the security code of conduct. For example, logging into unsecured public networks, using work devices for personal transactions, downloading unapproved applications, etc. This needs to change.

 

  • Targeted Phishing Attacks:

 

Unsuspected users continue to fall prey to phishing attacks which are the most pervasive IT security threats. A study conducted toward the end of 2018 suggests that online phishing attacks were up 297% over the last year and 2019 shall see this trend booming. Comprehensive security awareness programs should be adopted by businesses. This may include investing in phishing simulators that explain various emerging patterns. This should help users identify suspicious phishing emails, ensuring they do not end up handing over the keys to the castle.

 

  • Operationalizing GDPR

 

Businesses should think of GDPR to increase IT security. As GDPR makes it necessary to appoint a dedicated data protection officer (DPO), operationalizing this compliance will require understanding several aspects of the law, such as how information privacy is protected and anchored in. It will help to determine if the up to date intelligence on the data processed is available. 

 

  • Cloud security:

 

Cybercriminals take aim at the cloud. An increasing number of databases are being hosted in the cloud, which is where software and systems are designed specifically to be deployed over a network. As more and more businesses migrate to the cloud, a new role of cloud migration security specialist will be a key part of large IT teams. Cloud hygiene will only grow in importance over the next 12 months, particularly in avoiding devastating data breaches. Many management and identity verification tools can be used in this regard.

How Can We Fight Cyber Crimes?

 

Fighting cybercrimes is everyone’s business in one way or the other. Following are some ways to protect yourselves against cyber-attacks:

Use Internet Security System

 

Use software that can provide real-time protection against existing malware including ransomware and trojan viruses. It will help protect your data when you go online.

Use Strong Passwords

 

Do not just add easy to guess traditional passwords. Always use a strong password and keep on changing the passwords after some time. Do not repeat the same password for different sites. 

Keep Software Updated

 

Always keep an updated version of the software. Cybercriminals use known exploits frequently to gain access to your software. Keeping updated software will make it less likely that you’ll become a cybercriminal target.

Guide your Children

 

Teach children about the use of the internet. Make sure they are comfortable sharing with you if they experience any sort of online harassment, stalking, or cyberbullying.

Take Measure to Protect Identity Theft

 

You can save your identity from falling into the wrong hands. Know that identity theft can happen anywhere so always be very cautious. It occurs to obtain your personal data in a way that involves deception mostly for economic gain. You might be tricked into giving personal information over the internet or cybercriminal can steal your mail to access account information. So guard your personal information by using VPN over new Wi-Fi connection and keeping your travel plans off social media. Protect your children as identity thieves mostly target children. 

Keep up to Date on Data Breaches

 

Just over the last decade, there have been over  2,550 data breaches with millions of records being affected and the nature of the stolen information makes them considerably more serious than most. One should always stay up to date by such cases so that he can protect himself against such incidents. This will help you find out which type of data was targeted by criminals so that you can protect them. 

Manage Your Social Media Accounts

 

Keep your private information well secure and locked down on social media sites. Just a few data points will be enough for social engineer cybercriminals to get your personal information. It the less you share publicly the better it is. 

Always Use a VPN

 

Whenever you are using any WI-Fi network at a public place it is a good practice to use VPN whether in a library, hotel, cafe or airport.

Become a Victim? Know what to do

 

If you believe you have fallen prey to cybercrime, you need to inform local police and in some cases FBI even if the crime seems minor. Your report may assist the authorities in their investigation or may help to thwart criminals from taking advantage of people’s personal data in the future. If cybercriminals have stolen your identity following are some steps you can take:

  • Report the crime to FTC
  • Get your credit reports and place fraud alerts
  • Contact financial institutes or companies where the fraud occurred. 

As technology is advancing, it is important for every organization to identify the real problem i.e. lack awareness related to cyber intelligence and crime could potentially inflict a heavy loss. One should be aware of how to protect himself against these crimes and where to report if he gets trapped in. In a nutshell, cybercriminals are becoming more discrete and to identify the breach in security needs to be identified and dealt with high urgency to avoid identity theft and data breaches. 

Identity theft

Identity Theft – One Fraud Multiple Facets

Identity theft is a global crime. All types of identities, including the financial, medical and business identities of common people and business executives are stolen and exploited to defraud businesses and institutions. 

As per the Federal Trade Commission’s (FTC) 2019 report, 1.4 million identity theft fraud reports were processed. A total of $1.48 billion were lost in those frauds. The most common frauds that surfaced were imposter scams, credit card fraud and debt collection through stolen identity scams.  

Symantec’s internet security threat report stated that account takeover fraud rose by 79% and new account fraud rose by 13% in 2018 as compared to 2017. 

These fraud reports are raising unease among the business circles and they are very keen to find an ultimate solution to eliminate these frauds. One of the most common counter fraud techniques employed by businesses globally is real-time identity verification of the stakeholders of an entity. It provides a risk cover while enhancing the compliance and customer onboarding procedures of the company. 

A 2018 survey of identity-theft-related crimes in the UK based banks revealed that banks are using enhanced due diligence tools (online identity verification, and AML compliance tools) to mitigate the risk of identity fraud with them.

Industries targeted by identity thieves 

Contrary to the common notion, all types of businesses are targeted by identity thieves. Whether it is a financial institution or a non-profit organization, all industries are the targets of identity-theft-related fraud. 

Every business has a unique business model, but fraudsters do find a way to invade the protocols using a stolen identity. The following discussion will provide an insight into how a stolen or fake identity can take different facets to defraud several businesses. 

Financial industry

Key motive behind fraud is monetary gain. So, fraudsters commonly target financial institutions. And most common frauds conducted with a stolen identity are credit card fraud, account takeover fraud, money laundering, mortgage fraud, and wire transfer fraud, etc. 

Insurance institutions, mortgage houses, banks, stock exchanges, investment companies, etc. are the common victims of these frauds. 

A 2018 survey of Insurance Information Institute(III) of the USA revealed in its 2018 survey that 3 million identities were stolen in the USA alone and more than 50% of those identities were used to defraud businesses. 

Fintech

Fintech is growing at a rapid pace. Fintech startups raised more than $16.4 billion in VC/PE investments. The growth potential of fintech is huge, so is the risk involved in this industry. Technological solutions used to transform the traditional financial processes have left some loopholes for cybercriminals. 

Common frauds in fintech using stolen identities are money laundering, payment frauds, illegal funds transfer, etc. 

Online payment solutions, cryptocurrency exchanges, online mortgage, and rental service providers, etc are common victims of these frauds. 

One instance of fraud in fintech using the fake identity is when inmates in Florida county jail laundered $8000 through bitcoin. The inmates bought fake identities and credit card credentials through the dark web and used them to buy bitcoins. Once the bitcoin was purchased they converted it into fiat and transferred it into mysterious accounts outside the jail. The jail authorities found about this crime when they investigated a certain pattern of fund transfer, from the accounts of inmates. 

If the cryptocurrency exchange would have conducted identity verification before selling the bitcoin, the fraud could have been traced at the very first stage, because the criminals were using stolen identities and credit card credentials to make transactions. 

Healthcare

The healthcare industry is considered a pure industry, free of any fraud. Contrary to the common belief, cybercriminals are posing a threat towards the healthcare sector as well. They target patients, hospitals and other healthcare institutions, equally.

Common fraud in the healthcare sector are getting free medical services and buying prescription drugs using a patient’s identity. These frauds affect the credibility of the healthcare institutions and their doctors. 

1.3 million child identities are stolen every year and these identities are often used to defraud the hospitals. For example, a teenager in the USA was not allowed to donate blood on the basis that she was treated for HIV in the past. When investigated it was found that the identity of that girl was used to defraud a hospital in some other state to get an HIV treatment. The hospital did not verify it’s patient’s identity and gave a clean chit to a person with HIV. 

In another instance, the woman’s identity was used to get free treatment and her medical credentials were manipulated. When the real patient went for heart surgery, doctors cross-checked her medical credentials and found that the data was manipulated. In case the medical credentials would not have been checked the woman might have lost her life. Because the major credentials of her height and age were changed, that is used by doctors to decide medication dose for a patient. 

Such frauds are often conducted with the intention to get free services or prescription drugs but it can affect the credibility of a hospital.  

Education sector

Education is no more limited to brick and mortar schools and universities. Educational institutions are onboarding students online and are providing online courses. Other than the institutions, many online platforms are offering free as well as paid courses and material to the students. 

Commonly the stolen identities are used to imitate a credible students to get free education services. Also, online educational institutions are defrauded to get access to free study material for selling it to other websites.

In case a website is exploited to get a copy of content protected with copyrights, that website will be deemed responsible for the loss of the original owner of the content (books, research papers, etc). Because only a few credible sites are allowed to give access to the books and notes that have copyrights. 

The website loses its credibility if the identity of a student enrolled in an online course is used by an identity thief to attend online courses. Educational institutions and online educational platforms also need to perform due diligence on their participants to mitigate the risk of serving an identity thief. 

Travel/hospitality industry

The travel and hospitality industry caters to a wide range of clientele, so their risk is high. The common frauds that occur in the travel and hospitality industry are, imitating a guest to get free services or travel free of cost. Also, the criminals at large use stolen identities to use the hotel as their hideout. 

The travel industry is exploited by criminals for human trafficking, drug and money laundering. For instance, human traffickers use fake identities to fool the airport authorities to deliver underage children to other states for child labor. 

The above-discussed industries are just a few examples of the risk that stolen identities pose towards several industries. Other common victims that have been highlighted in the news are the e-commerce industry, real estate industry, government institutions, etc. 

How Identity verification is the savior of multiple industries?

Frauds related to identity theft are the risk for several industries. One stolen identity can be used in multiple ways to defraud businesses. Real-time identity verification can identify an individual within a minute.

Identity verification is a feasible and cost-effective solution to mitigate the risk that identity thieves pose towards a business. 

Real-time identity verification not only provide businesses with a risk cover but also helps them in seamless KYC and AML compliance and improves their customer trust. Customers feel more comfortable and secure with companies that run due diligence on their clients without any long delays. Also, it increases the credibility of an organization and prevents any penalties due to non-compliance.

Identity Theft Protection

7 Identity theft protection practices for Business and Recuriters

Identity theft is now no more a cause of concern for the individual users only as corporations and businesses around the globe have also started feeling the heat from frequent data breaches and employee frauds because of lax identity theft prevention measures. In 2017, there were 1,579 data breaches that exposed 179 million records held by businesses. According to the same study, account takeover was the most frequent method of identity theft used by online identity thieves and it took at least a few months before a user got to know that their identity was even stolen by someone else.

A smart question to ask here is that what does a business has to do with the stolen identity of a user? Well! It is important to understand that current employees hold several assets – financial or administrative – that can be exploited by identity thieves for personal benefit that will eventually lead to losses for businesses. Moreover, a stolen identity can be used to land a job at a prestigious job opening as well. According to The Federal Trade Commission, most common types of identity theft are:

                                                                                                   Source: Federal Trade Commission

Now, it does not take a degree in cyber crimes or special expertise in identity theft protection to understand the dangers attached to identity theft for businesses. Most companies use credit cards for business expenses and the 2nd most frequent type of identity theft is employment fraud which means in the absence of a reliable KYC verification, job candidates can use a stolen identity to land a job that they are not fit to perform and who can guess about the true intentions of a candidate that uses fake personal information to get a job.

How Identity Verification is relevant to you?

We understand that there is still a lot of confusion in the business community, especially in Small and Medium-sized Businesses (SMB) that should they be using OCR based ID verification and KYC solutions to implement fraud prevention and identity theft protection. Most of them are stuck to cost spendings that have to be allocated for KYC verification, but they need to appreciate the value of financial risk that is thwarted by every KYC check. It is better to spend a moderate amount on a KYC software rather than losing a significant chunk of revenue through identity theft or online frauds.

Based on studies done regarding online identity thefts, businesses require identity theft prevention to fight off:

  • Job candidates with fake credentials
  • Online scammers from adopting the identity of one of their employees
  • Data breaches that can potentially leak customers personal information
  • Unauthorized Access to centralized company resources

There are many other scenarios that can be quoted here to explain the significance of Identity verification services, but today we want to discuss the need for Digital KYC in the recruitment process and internal operations of a company. We will be addressing online fraud prevention practices that can not only protect individual identities of your employees but can also help secure the business interests of your companies.

Identity theft protection

Companies and businesses operating all over the world collect personal information from their workforce. Starting from interview phases to eventual hiring and going till payment disbursements, there are various points in a company’s life cycle in which personal information is collected and in case of any changes (e.g. address, phone number, emergency contact number etc.), the employer wants their employees to get their personal file updated accordingly with required departments (accounts, HR, Admin etc.)

Having the best identity theft protection available for internal operations becomes trickier for businesses that have remote working jobs to fill or have a centralized governance model for branches and offices located in different cities. For multi-national companies, having operations spread out to several continents, things become even more complicated with the threat of identity verification becoming more real than ever in the modern age of data breaches and dark net-based data black markets. All such companies need ID Verification and KYC verification not only to hire employees with genuine credentials but also to adopt identity theft protection measures to secure the corporate and personal information of their employees.

  • Adopt Best Practices for Identity theft Protection

All over the world, companies and businesses are adopting strict measures to ensure that all the personal information of their employees is secured. Identity theft prevention requires that only a select number of employees have access to such information. Financial Information of the company employees is also kept safeguarded both in hard copy as well as the soft copy to ensure that record is kept safe in case, any of the two set of records is damaged during a natural or digital disaster.

Most companies not only take measures to apply all necessary checks to thwart any attempt of identity theft but also involve their workforce into their identity theft protection practices. In order to achieve this, regular training sessions are conducted to make sure that the workforce is well versed with the idea of identity theft, how online identity theft prevention works and what they can do to ensure that their personal or professional information does not land into wrong hands.

One of the most common methods to ensure that personal information of employees is not compromised is by ensuring that the Social Security Numbers (SSNs) or other important Identity Document numbers are never published on employee ID cards, pay stubs or on their insurance cards. Any identity thief will have its work cut down in case they ever get hold of such a trivial yet informative document.

When it comes to identity verification and fraud prevention tactics, the entire system is more of a “House of Cards”. One wrong move and the entire system of online fraud prevention can come down like a sand castle.

 

 

  • Use Biometric Verification

Biometric Verification is a preferred mode of verification for most companies performing functions such as Check Out attendances to providing secure access to centralized resources. Now, it is perfectly fine identity theft protection solution for on-site verification but in case of remote workers, trying to access centralized resources, biometric verification requires higher budget if you utilize only conventional mediums of biometric verification i.e fingerprint scan or iris scans. It will either require special smartphones with the ability to verify fingerprints or special hardware for performing iris scans.

Facial verification is a much more reliable source of biometric verification, requiring no special hardware equipment. Either a phone camera or a webcam can be used to recognize unique facial features of a verifying member of the workforce. Shufti Pro is a perfect KYC verification and online identity verification solution offering facial verification using Artificial Intelligence. You can use it with document verification to perform full fledge identity verification not only for an existing employee but for a newly hired employee as well, both for onsite or remote duties. Remote hiring process becomes fully automated and secure for companies with the help of identity verification services from Sufti Pro.

  • Secured Centralized Assets

Businesses having a centralized database or knowledge base that has to be accessed by only select few, can surely take help from ID verification. To make the process entirely hassle free and easier. Already, businesses are asking for integration of OCR technology into KYC software, something that has been achieved successfully by Shufti Pro. With Broad language support and Artificial Intelligence working acting as the backbone of Shufti Pro, secure access to centralized assets becomes a piece of cake, without having to worry about identity theft. Only a person with genuine credentials can access personal records of employees of a company, making the entire procedure air-tight as far as fraud prevention and identity theft protection is concerned.

  • Financial Vigilance & Auditing

Business and corporations usually use credit cards for financial transactions and in order to pay for various office-based expenses. In order to make sure that your business has not become a victim of a credit card fraud, you need to check vigilantly for all the credit card statements and cross-check them with accounting departments in order to make sure that all the purchases performed via company credit cards are accounted for and in line with business side needs of the company. You find a single red flag, even a purchase of a few dollars that looks dubious or suspicious, don’t take it lightly.

  • Set Usage Ethics for Work Resources

Companies allow their employees to use company resources (laptops, Wi-Fi devices, and smartphones) even from their home in order to allow for flexible work environment. All employees availing flexible working hours must be fully told about their responsibilities regarding identity theft protection. They must know that they cannot save confidential information on these digital resources and neither can lose them, otherwise all of your company’s resources will become vulnerable to an identity theft attack.

  • Collect Consent for Verification

If you intend to verify the personal information of a would-be-employee through a KYC software to ensure identity theft protection, make sure that you collect proper consent from that candidate. Governments requires companies and businesses to receive the consent of a user before any KYC check is performed against their provided information. Apart from a compliance requirement, it is courteous to give a potential candidate a necessary heads up for a KYC verification.

  • KYC verification with real-time results

There is no better way to use the best identity theft protection except for using KYC verification from Shufti Pro that is available in 225+ countries and supports over 150 official languages. Several verification services are offered by Shufti Pro and even more KYC verification solutions using a mix of various technologies and verification services. The 4 verification solutions from Shufti Pro includes:

Identity VerificationShufti Pro can verify the identity of an end-user using a mix of facial verification, document verification, address verification, and 2-factor authentication. All the personal information can be collected in less than 1 minutes and verification results are presented in real-time.

InstantCapture –  This identity theft prevention solution is developed by Shufti Pro to make the entire identity verification process easier to perform for end-users. Using OCR technology, Shufti Pro can extract personal information from an identity document including ID cards, driving licenses and passports.

AML ComplianceMost companies require to check for financial risk attached with a person before they hire him, even for a remote working position or for the post of a consultant. Shufti Pro has a large databank containing financial risk information from 3000 databases and profiles from 1000+ sanction lists and watchlists.

Biometric Consent VerificationReleased just recently, Biometric Consent Verification is the most secure format of identity verification that makes identity theft virtually impossible. Of all the KYC solutions from Shufti Pro, Biometric Consent Verification is the only solution that offers support for both customized identity documents (employee cards, special access cards etc.) and handwritten note verification.

In case any business doesn’t want to avail a full KYC verification solution from Shufti Pro and wants to use any individual verification service from Shufti Pro, they can do just that as Shufti Pro has designed its entire SaaS product with flexibility being the core feature for its customers. Shufti Pro offers following verification services to its global clientele:

All these identity verification services and identity theft protection solutions are perfect for authenticating the true identity of a job candidate or in case you ever find that a person claiming to be one of your employees is actually your employee and not someone who just got hold of personal or professional information of the employee that he/she claims to be.

Shufti Pro is offering a free trial to all the businesses who want to check the prowess of our verification services. Contact us now, if you also want to adopt a hard-to-breach identity theft protection for your remote recruitment and internal operations.

Recommended For You:

Social Media identity Theft Frauds

Social Media and Identity Theft Frauds

Imagine this: You get up in the morning and like most people; check your email. There you have an email from an old friend of yours. He is like, “hey bro everything alright in Hawaii? Did you get your credit card and access to the rest of the services. I hope the money that I sent reached you? Do let me know if you need any further help” You look at the email, you’re in shock as initially you can’t understand what to make of this email. You frantically look up your friend’s number and call him. When he picks up you ask him about the email he sent. Before anything else he asks about how you’re doing and if things have gotten better. You tell him that you never asked for any money and neither did you go to Hawaii on vacation. There is silence on the other side and he says, “Did you set up another Facebook account?”
You tell him no and he informs you that a couple of months ago he received a friend request from you and he accepted it since he had not seen any updates from your other account. So thinking that it was you he added you up. He also said you were keeping quite up-to-date on your new profile and a week ago you mentioned that you are travelling to Hawaii. He went on to say That a couple of days ago he received a message from you saying that your smartphone, credit cards and cash had been stolen. You tell him that you have not used Fb in ages and ask him to share the account. He tells you that you have been a victim of identity theft. You open your email while talking to your friend and he has sent the email including the link to the fake profile. You open it up and as you look through it you see the person has impersonated you and posted pictures from your profile including those from your trip to Hawaii 4 years ago. You tell this to your friend and he laughs nervously, he tells you that he had heard of such a social media scam, but he never thought he would be a victim of one. He tells you to check your privacy settings and inform Facebook. He lets you know that he will also contact Fb and inform them of the identity theft fraud. You end the call by telling each other that we should be in touch more often and communicate on a better medium than social media. You hang up the phone and as you go through the stolen profile you realise that a lot of your friends have accepted the friend request from the fake profile and you anxiously think how many were sent this message…

Social Media Identity Theft A Growing Threat

Although the story above talks about a hypothetical incident, but the fact is that identity theft on social media is a reality. The worst part is that it is getting more and more common. As banks and other financial institutions are able to identify fake credentials and individuals. The scammers are turning to the social media platform to steal the identities of real individuals to carry out their criminal activities. Some even use the social media to carry out fraudulent activities similar to the one mentioned above. Almost 3 in 10 people have witnessed or been affected by identity fraud. Given the statistics this number could rise even more if some sort of measure is not taken by such sites to deter social media scam.

Can ID Verification Deter Identity Theft Fraud?

Besides asking people to check on their privacy settings, social media sites should also try to use ID verification systems when it comes to profiles. There are companies that specialise in providing ID verification and background checks. If social media sites partner up with such organisations the majority, if not all, identity frauds that happen on social media can be stopped. The ID verification will ask the individual to prove their identity and hence most of the scammers will simply backoff realising they’ll be caught or will be unable to prove the identity they wish to take on.

How Does an Identity Verification Service Work?

Having mentioned that ID verifiers can deter a social media scam, let us see the process they follow and how it works. At the heart of the identity verification system is an advanced AI system that utilises the Internet, the user’s webcam or their smartphone camera if a webcam is unavailable. So in the case of social media sites, when a scammer sets up a profile, which includes  name, picture and other details matching an existing user, the ID verification system steps in. The user is asked to face the camera and then asked to share their ID focusing on the picture, name and DOB. The AI then matches all the details and checks for signs of tampering or forgery on the ID. The AI also checks the face of the person for excessive makeup, masks or other things that might be used to hide or distort identity. Yet it is smart enough to recognise glasses, facial hair, hair cuts, etc. Also, some of the better companies offer an additional layer of HI (human intelligence) to make sure that all AI verified information is correct. Live people verify the results of the AI to ensure there aren’t any false positives. The entire verification process takes less than a minute. Once the AI gives a thumbs’ up then the profile is allowed to go online. Such a system would prevent identity theft and fraud within the social media platform.

Recommended For You: