We all know that identity theft happens, but have you ever stopped to think about where thieves get the data they use to commit fraud? It seems like every day we hear news about yet another massive data breach involving millions of credit cards. Unfortunately, data breaches can also result in the theft of Personally Identifiable Information (PII), which allows thieves to assume an individual’s identity, or create a synthetic identity to commit fraud. In fact, there is so much data available on the black market that a U.S. website reported that a glut had forced the value of stolen identities to fall by as much as 37 percent (Learn more here).

In addition to data breaches, where do identity thieves get their data?

Unfortunately, you do not have to look much further than the employees you see in regular businesses in the High Street. The vast majority of employees are trustworthy and never commit fraud, but some employees do steal. When they do, the effects are often catastrophic. Criminals know that bank tellers, for example, have access to tremendous amounts of data. All they have to do is convince that employee to steal that data.

Stealing enough information to commit identity theft is remarkably simple. In fact, criminals do not have to steal all the data from one location. They can steal enough information and use social engineering to gather the rest. Alternatively, they can steal sufficient data to create a new or synthetic identity based on data gathered from multiple individuals.

The most sophisticated criminal entities will actually place their operatives inside a business with the primary goal being to steal customer identities. Once inside the organisation, the criminal turned employee can print, photocopy, or email staggering volumes of data. They might even share their logon credentials and allow their criminal bosses to login remotely and steal data themselves.

Employers work hard to stop this type of theft, yet there is only so much they can do. With ‘Big Data’ beginning to take hold, there is potentially more refined and insightful data available on the horizon for criminals to steal and make detection of identity theft even harder to accomplish.

For businesses that must validate identities, how can they make sure that they have the best approach in place to catch fraudsters in the act?

Just like criminals, businesses must use data from multiple sources. Relying on a single source of data often provides insufficient data to conduct a detailed verification check. Gathering data from multiple sources, including highly secure government databases, puts the power back in the company attempting to verify identities.

Think about how much data your business has available to verify a customer’s identity. Can you verify an identity using data from multiple sources? If not, how comfortable are you that an identity thief does not have access to the same data that you rely upon?

Do you have questions about how to prevent identity theft? Contact Contego to learn more.