One wrong click, the entry of personal data on supposedly reputable sites, an insecure password - boom, criminals have access to accounts and information and can do with them as they please. And do so even if the reaction is not correct!

The field of identity theft is broad, but there are standard situations. Knowing what the do's and don'ts are and how best to behave if "it" does happen can prevent great damage.

Prevent identity theft! Advice #1

The most important advice: stay calm! Extreme caution should be exercised whenever time or psychological pressure is created to cause a reaction, such as following a link or entering data. This is a very popular way to get online users to take rash actions. So stay away from the keyboard if stress arises!

I followed a phishing link!

Cyber ​​criminals are becoming increasingly sophisticated in creating emails or websites that are intended to give the impression that they are from a reputable party or one that already has a business connection (their own bank, the parcel service provider, etc.). Situations are faked that appear completely natural and normal and should not make you hesitate for long before responding to the request for action, for example following a link. Often these are services that you have nothing to do with at all.

Anyone who accepts this has, in the worst case scenario, already lost. Criminals can intercept personal contact or account information in this way. A lot of mischief can be caused if information such as address, email, birthday, IBAN or credit card number falls into the wrong hands.

What helps here is not to respond in the email or on the website, but rather to take a detour via the respective app or the official company website and, for example, log in to your own customer account. If the information can be found and verified on the official platforms, there is no risk of identity theft. Requests to action never only appear in an email, but always in the customer account. Emails sent are often also stored there.

What to do if you suspect phishing?

If there is a risk of becoming a victim of phishing, then the password should be changed immediately, wherever this password was used. Unfortunately, humans are creatures of habit and use the large portals with the same combination of password and email. Once criminals have figured out this combination, they have access to all accounts with the same password-email combination.

And now please everyone stop for a few minutes and think about what it looks like for you personally...! In order to avoid identity theft via phishing with large-scale consequences, it is very important to handle your own passwords securely. Mimikama has already provided security tips from the BSI ( HERE ) and regularly publishes information on phishing attempts. Simply enter phishing in the search.

If you suspect that criminals have access to your bank or credit card account, you should inform the bank immediately. The account is then placed under surveillance and any suspicious movements are immediately detected.

What makes an email suspicious?

Poorly forged emails are usually noticeable because of a very general, atypical salutation formula, contain many spelling errors or are generally written in poor German or are far removed from the usual wording of a company. The request to click a link seems very clumsy. A look at the sender address often immediately reveals that the named company is not the sender. There are often strange letter-number combinations or completely unfamiliar country domains. Hands off!

Well-made fake emails, on the other hand, are more difficult to detect. The emails are often similar to the official emails down to the last detail. Here again, it is helpful to look at the sender address. Does it match the company domain? And here too you have to look closely. Often the addresses are reproduced extremely well, so that the difference is only in a single, similar-looking letter. In common fonts, the capital “I” and the small “l” look very similar. Here it is particularly important to look very carefully. Or go straight to the official channels. If you can't find anything there, put the email in the spam folder. This will teach the mail system to filter out such emails in the future.

Help, my Facebook was hacked!

Sorry, but no. The hard truth is: As a rule, profiles on social networks were not hacked, but rather the users themselves clicked wrong somewhere and gave criminals access to their own profile.

Once identity theft has taken place, criminals can freely use the account's functionality, for example sending friends via messenger messages with dangerous links or posting this content. And since such dangerous content comes from friends, a credibility hurdle has already been overcome. Often you only realize such takeovers when attentive friends ask critical questions. Changes in the profile such as a new date of birth or new, completely unknown friends are also noticeable. All alarm bells should ring!

Change password and check email!

Here, too, you should change the password immediately to revoke access to the criminals. Then please pay attention to the email address provided! If this has already been changed, then immediately change it back to your own, non-captured address. Criminals could use the email address to regain access via password recovery.

This is also why 2-factor authentication is so important. If this is activated, criminals have a much harder time. If all of this no longer works and the account has been completely taken over, the only solution is to go through the platform providers themselves. All platforms offer auxiliary procedures to regain access to your own account. However, this does not necessarily have to work and can sometimes be very complex and lengthy. So it's better to be very careful.

It is also important to be careful not to make your friends list public. Together with the already public profile, cybercriminals can recreate their own profile 1:1 and write to all friends asking them to please follow them on the new profile because the old one has been hacked. Find the mistake! This is also a form of cyber identity theft.

Warn your friends

Anyone who has actually become a victim of identity theft due to their own carelessness or negligence should warn their friends. This can happen and is annoying, but now it is important to prevent greater damage. All suspicious content must be deleted. The affected friends should do the same. Also in messengers.

Is my email address still safe?

You often read about large data leaks, about gigantic numbers of data sets that are suddenly supposed to be freely available on the dark web. But what about your own concern? Has your own data already been leaked? There is often great uncertainty here.

It's not that difficult to find out whether identity theft has occurred and whether your data can be found online. Leak databases help with this. The well-known platform Have I been pwned already has a good 10 billion leaked records that can be searched using your own email address. The Swiss federal government also cooperates with the database and is currently checking leaks to see whether addresses of federal employees are affected ( here ). The German platform of the HassoPlattner Institute, the HPI Identity Leak Checker, has a good 11 billion data records for a data check.

Help, strangers shop at my expense

If the worst case scenario has occurred and the identity theft was so successful that the criminals were able to go shopping with this data, then the online shop must be informed immediately in order to have the account blocked and possible further deliveries prevented. It is also important to look at the delivery address and contact email provided. If criminals have changed these and possibly also the notification settings, then victims will only realize very late that something is wrong via suspicious account movements. The bank must then also be informed immediately.

to file charges

If financial damage has occurred, then a report should definitely be filed. Even if it is foreseeable that the perpetrators will not be caught, reports help the police to obtain information about all types of identity theft. An overview of the German online guards, for example, can be found here .

Source:

Futurezone
Do not miss! A Mimikama warning: WhatsApp warning about “Amazon Black Friday 2022”



If you enjoyed this post and value the importance of well-founded information, become part of the exclusive Mimikama Club! Support our work and help us promote awareness and combat misinformation. As a club member you receive:

📬 Special Weekly Newsletter: Get exclusive content straight to your inbox.
🎥 Exclusive video* “Fact Checker Basic Course”: Learn from Andre Wolf how to recognize and combat misinformation.
📅 Early access to in-depth articles and fact checks: always be one step ahead.
📄 Bonus articles, just for you: Discover content you won't find anywhere else.
📝 Participation in webinars and workshops : Join us live or watch the recordings.
✔️ Quality exchange: Discuss safely in our comment function without trolls and bots.

Join us and become part of a community that stands for truth and clarity. Together we can make the world a little better!

* In this special course, Andre Wolf will teach you how to recognize and effectively combat misinformation. After completing the video, you have the opportunity to join our research team and actively participate in the education - an opportunity that is exclusively reserved for our club members!


Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )