Identity Theft Scams
Identity theft scams collect victims' personal information — Social Security numbers, bank details, passwords — to commit financial fraud including opening credit cards, taking loans, and filing fraudulent tax returns.
일반적인 수법
- • Fake data breach notification emails that direct victims to enter their login credentials and personal details on fraudulent "identity verification" pages
- • Phony credit report or credit monitoring sign-up pages that collect Social Security numbers under the guise of protecting the victim's identity
- • SIM swapping attacks where scammers convince mobile carriers to transfer the victim's phone number to a new SIM, enabling them to intercept two-factor authentication codes
- • Fake survey or reward programs that ask for extensive personal information (full name, address, date of birth, SSN) in exchange for a gift card or prize that never arrives
- • Mail theft and dumpster diving to obtain physical documents containing personal information such as bank statements, tax forms, and pre-approved credit offers
- • Creating fake job applications or rental applications that are actually designed to harvest personal documents like driver's licenses, pay stubs, and Social Security numbers
식별 방법
- Unsolicited requests for your Social Security number, especially via email, phone, or text — legitimate organizations rarely ask for your full SSN through these channels
- Unexpected credit inquiries appearing on your credit report from companies you have never contacted
- Bills, statements, or collection notices arriving for accounts you did not open
- Your tax return is rejected because someone has already filed using your Social Security number
- You stop receiving expected mail, which may indicate an unauthorized change-of-address request has been filed in your name
- You receive two-factor authentication codes you did not request, which could indicate someone is attempting to access your accounts
자신을 보호하는 방법
- Freeze your credit with all three major bureaus (Equifax, Experian, TransUnion) — this is free and prevents anyone from opening new credit accounts in your name
- Use unique, strong passwords for every account and enable two-factor authentication, preferably using an authenticator app or hardware key rather than SMS
- Monitor your credit reports regularly through AnnualCreditReport.com — you are entitled to free weekly reports from all three bureaus
- Shred physical documents containing personal information before discarding them
- Set up a PIN with your mobile carrier to prevent unauthorized SIM swaps — contact your carrier's fraud department to enable this protection
- File your tax return early each year to prevent a fraudster from filing first using your Social Security number
실제 사례
In the United States, a tax refund identity theft case saw a fraudster file a fake IRS return using a stolen Social Security number in January, claiming a large refund — the real taxpayer only discovered the fraud months later when their legitimate return was rejected.
In the UK, criminals exploited a data breach at a major retailer to harvest National Insurance numbers and addresses, then opened dozens of fraudulent credit accounts through UK high street banks — victims only learned of the fraud when contacted by debt collectors.
In Australia, a SIM swap attack targeted a victim's Telstra account — the criminal ported the phone number using personal details purchased from dark web forums, then intercepted two-factor codes to drain the victim's CommBank and ANZ accounts of over AUD 45,000.
In Brazil, scammers used stolen CPF (Cadastro de Pessoas Fisicas) numbers to open fraudulent bank accounts and apply for loans at digital banks like Nubank and Inter — victims discovered the theft only when their credit score on Serasa dropped dramatically.
In South Korea, a massive personal data leak from an online platform exposed millions of resident registration numbers (RRNs), which were then used to create fraudulent mobile phone accounts and online shopping profiles across Coupang and Naver.
In Kenya, fake landlord scams on property listing sites collected copies of national ID cards, KRA PINs, and payslips from rental applicants — the stolen identities were used to take out mobile loans through services like Tala and Branch without the victims' knowledge.