Identity Theft on the Rise…Again

According to a report released by Javelin Strategy and Research and another by the FTC, the incidence of identity fraud increased in 2012 for the second consecutive year, affecting 5.26 percent of U.S. adults. This increase was driven by dramatic jumps in the two most severe fraud types, new account fraud (NAF) and account takeover fraud (ATF).

Key findings from the FTC’s report:

• Over one million complaints were fraud-related. Consumers reported paying over $1.4 billion in those fraud complaints; the median amount paid was $535.
• Fifty-seven percent of all fraud-related complaints reported the method of initial contact. Of those complaints, 38 percent said e-mail, while another 34 percent said the telephone. Only 9 percent of those consumers reported mail as the initial point of contact.

Key findings from Javelin’s report:

• Identity fraud incidents and amounts stolen have increased. The number of identity fraud incidents increased by one million more consumers over the past year, and the dollar amount stolen increased to $21 billion—a three-year high, but still significantly lower than the all-time high of $47 billion in 2004. This equates to one incident of identity fraud every three seconds.
• One in four recipients of a data breach notification became a victim of identity fraud. This year, almost 25 percent of consumers that received a data breach letter became a victim of identity fraud, which is the highest rate since 2010. The study found consumers who had their Social Security number compromised in a data breach were five times more likely to be a fraud victim than an average consumer.
• Small retailers are losing out. Fraud victims are more selective where they shop after an incident, and small businesses were the most dramatically impacted. The study found that 15 percent of all fraud victims decided to change behaviors and avoid smaller online merchants. This is a much greater percentage than those that avoid gaming sites or larger retailers.

With iovation’s services, when computers or mobile devices with fraudulent histories connect to a retailer’s website, the business is alerted in real time. If velocity or geolocation alerts are triggered, the retailer knows that too, also in real time. The company maintains a living database of device intelligence, sharings the data across its global base of finance, gaming, travel, shipping, dating, and retail clients. Information is shared in order to detect fraudulent activity as soon as possible—before a product is shipped and chargebacks and fees are incurred. iovation calls it device reputation; I call it another bit of common sense for retailers.

Robert is a personal security and identity theft expert contributor to iovation. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.