According to Europe social media analytics market – growth, trends, forecast (2022 – 2027), Europe has more than 300 million active users on social media. These people use social media on a daily basis. For instance, in the words of3, Spanish people spend approximately two hours of their time on them.
The use of platforms such as Twitter, Facebook and Instagram has become an everyday activity that is often carried out without considering the consequences. The active users on these platforms are highly exposed to security and privacy risks as they can post pictures or share sensitive information, such as their locations, with ease.
Oversharing or overexposure of our personal information can be exploited by imposters who seek to impersonate users.
But what is identity theft on social media?
Identity theft on social media is a malicious activity that consists of appropriating the identity of a user who has a profile open on a specific social network.
Identity theft becomes identity fraud when the cyber criminal pretends to be the victim and assumes their identity to obtain their personal data, causing them moral damage or committing some type of economic crime.
This data is collected by analysing the victim’s social profile. There you could have published where you live and work, as well as your phone number and email. In addition, the activity you share and the movements you make are a very valuable source of information to imposters as they can extract the places and the time you visit them. Besides, knowing the victim’s bank is not difficult if you share your location or take a photo in the cafe in front of the bank branch where you do your banking.
Types of identity theft on social media
Once we know how imposters can extract your data and pose as you, we must understand these platforms’ most common identity theft cases.
Here are the most usual types:
- Access to a user’s account: the cybercriminal logs into the victim’s profile and extracts their personal information. Once inside, the imposter can send private messages, post content and share opinions online. Besides, they can send fraudulent links to other users, gain access to their bank accounts and even make online purchases.
- Creating a fake profile with the impersonated victim’s data: the scammer uses a natural person’s personal information and pictures to open a new account on social media. The main issue of this action is usually that the profile looks genuine, and therefore users do not realise they are being impersonated.
In addition to creating a fake profile and gaining access to the user account, you should be aware of other types of online identity fraud, so your security is not compromised.
Other fraudulent activities related to identity theft
Identity theft is usually carried out for more reasons than simply impersonating another person.
It is normally connected to the commission of crimes, whose primary purpose is to attempt against the honour, privacy and self-image of other online users.
Here are the most relevant:
- Libel and slander, the person who impersonates shares fake information, makes an accusation, or slanders another person on the social platform, undermining their esteem and dignity.
- In Cyberstalking, the impersonator becomes a stalker and spies on and contacts another user, generating harassing behaviour.
Other times it is linked to economic crimes whose goal is to obtain a profit.
- Obtaining passwords to steal bank details and carry out financial transactions.
- Buying products online from commercial Instagram accounts.
Why is identity theft so common on LinkedIn, Facebook and Instagram platforms?
Identity theft is becoming increasingly common on the most famous social media apps because users do not strengthen their online security.
Even though many platforms display the security level of the password when creating, users ignore it and tend to use easy-to-remember security passwords or the same one for all their online accounts. DOB, phone number or the city where you were born are some kinds of vulnerable passwords.
Another reason this activity has become popular is the ease with which you can recover your account if you forget your password. Security questions are a clear example of how to recover your social account. Many people use answers to security questions that you can extract from the content that the person has previously shared on their Instagram bio or Facebook basic profile information.
We live in a connected world where it is normal for users to accept abusive privacy policies compromising their security.
Other reasons encourage this activity too. Among the most notable is the lack of information about personal data protection and digital identity and the existence of a legal framework with limitations.
Even so, identity theft on social media is not only due to users’ digital lifestyle or legal system failures. This fraud is becoming more and more frequent because social media does not include a robust identity verification system for registration or does not use a two-factor authentication (2FA) system.
How to avoid identity theft through identity verification
The current data that social media requests from a new user to create an account is not enough to guarantee that the person who wants to create a new profile is who they claim to be. Asking for first and last name, email address and mobile phone number does not ensure that the person is natural, nor does it prevent impersonation.
Because of this, social apps should include more secure registration processes beyond creating a password and confirming an account with a phone number.
Including identity verification systems is key to ensuring users’ security, verifying profiles, and associating them with real people.
This verification can be achieved using MobbScan, a solution that scans the user’s identity document and validates that it is a legitimate document and the identity of the person presenting it. In addition, it verifies through facial recognition that the document’s owner matches the photo on the ID card.
This up-to-date registration would prevent the creation of false identities and non-authorised access to user profiles, ending with identity theft.
If you want to know more about our Digital Onboarding technology and how we use it in MobbScan to verify the identity of people, you can contact us through our contact form.
I am a Computer Engineer who loves Marketing, Communication and companies’ internationalization, tasks I’m developing as CMO at Mobbeel. I am loads of things, some good, many bad… I’m perfectly imperfect.
Discover everything about KYC
- What is KYC (Know Your Customer)
- Types of KYC depending on the risk
- KYC regulations in Spain
- KYC regulations in Mexico, Chile, Peru, Colombia, Guatemala, El Salvador, Brazil and Argentina.
- What is eKYC and its benefits.