Who can become a victim of identity crime?


Anybody can. As more and more business is conducted online, and more data is used by organisations and individuals, more criminals concentrate on obtaining that data in order to commit fraud.

In the past, fraudsters targeted identities that looked likely to provide the best chance of gaining access to products or services: such as professional men in their late 30s or older. Today, victimisation is far more random, making anyone a potential target.


What can I do to keep my identity safe?

Criminals rely on your complacency. To avoid becoming an identity fraudster's next victim:

  • treat your personal details as you would treat an expensive item: something to be looked after
  • limit the amount of personal information you give away on social networking sites. Your real friends know where you live and know your birthday, so there's no reason to share it with strangers
  • update your computer's firewall, anti-virus and anti-spyware programmes. Up to 80% of cyber threats can be removed just by doing this
  • never share your passwords or PINs with others, and do not write them down.
  • use strong passwords and PINs. They need to be difficult to guess (so don't use your child's name or your date of birth) and include a mixture of upper and lower case letters, numerals and punctuation marks. Aim for a minimum of 10 characters in a password
  • don't use the same password or PIN for more than one account - that's like having just one key to open all your locks
  • shred all your financial documents before you throw them away. Personal details from letters, statements and so on are dangerous if they fall into the wrong hands.
  • If someone asks for your personal details either online or on the phone, and you have doubts about why they need them, check first. If you're in any doubt, don’t disclose.

What about online safety?

As well as the above, there are several steps you must take when doing business online.

  • Encrypt your wireless network to the highest possible setting - ideally WPA2.
  • Delete your web browser history and cookies regularly (there are free tools available to help you make sure everything has really been removed).
  • Use different email addresses and different passwords for your various online accounts.
  • Never visit any website that uses financial details (such as banking or shopping) from a public wi-fi hotspot or from your smartphone. This is the online equivalent of talking to your bank manager on the phone in a busy public place: a criminal can intercept your details.
  • Block all spam emails. Never respond to unsolicited emails. Be careful of any links you receive in unsolicited emails.
  • Hovering the mouse cursor over a link will often reveal the real address of the page it's sending you to. Check - is it the address of the site you were expecting?
  • When using smartphones or tablets, make sure you use all the device's security features such as passwords and PINs. Remember to lock all devices when you're not using them.
  • Avoid publicising your travel plans or posting holiday pictures while you're away from home. Fraudsters and criminals will often look for obvious signs that you are away.
  • If you are moving house, change your address on all official records and put a redirection on your post for at least six months, to avoid any sensitive mail falling into the wrong hands.

Remember, if a stranger in the street asked you for details you weren't comfortable revealing, you wouldn't hand over those details. The same is true of the internet. If in doubt, don’t do it!

What if I've already become a victim?

Don’t panic! Falling victim to fraud need not cause you permanent damage or distress.

It is important to act quickly, though. The sooner you discover the fraud and raise the alarm, the quicker it'll be resolved.

  • Check your bank, credit card and other financial statements. If you see transactions you don't recognise, immediately tell the organisation concerned that you suspect you have become a victim of fraud.
  • If regular statements or other items of post don't arrive, contact the organisations concerned. Do the same if you start receiving correspondence from companies about applications or accounts that you do not recognise.
  • Immediately alert any organisations you know to be involved. They will tell you whether you need to contact the police.
  • Investigate any credit refusal - it could be a sign that your credit report has been damaged. Contact one of the credit reference agencies, who can help you review your credit report and contact all of the organisations involved for you. They will also notify the other two credit reference agencies so they too can offer help. 
  • Consider applying for Cifas Protective Registration. For just £20 a year, this will alert most lenders to the fraud so that they can take extra care when dealing with credit applications in your name.


Related reading

The Anonymous Attacker (PDF, 4.9MB) and Digital Thieves (PDF, 5.3MB) - include tips for staying safe online, stories from victims of fraud, an examination of how businesses can fall victim, and past and predicted internet crime trends

Links to other fraud prevention organisations