CIFAS, the Fraud Prevention organisation, has revealed that numbers of young identity fraud victims (those aged 30 and under) have increased by a staggering 52% since 2015. The survey also revealed that 50% of the young people surveyed believed they would never fall for an online scam.
Why are young people so blasé about identity fraud?
Since those from the Millennial generation have grown up with the internet and online culture we expect them to have at least absorbed the fundamentals of cyber security.
We automatically expect everyone who is under 30 years of age to be technically savvy.
This isn’t always a realistic assumption.
I spoke to a couple of our youngest employees at 2-sec Head Office about cyber security awareness among their friends. Some of our newest members of staff were born in the late 1990s, which makes me feel very old…
They told us that whilst their friends are keen to understand SnapChat, WhatsApp and Instagram, many of them are very apathetic about online security.
“They’re not interested, and although they may have had a few online security classes at school, they think that it doesn’t apply to them, and that they won’t be a target”.
Young people are immersed in online culture, and are used to sharing their lives through social media sites and messaging apps. Some have a misplaced confidence that identity fraud is something that happens to everyone else.
But there are many cases being reported that show exactly the opposite: young people are being targeted as their life styles and habits make it easy for cyber criminals to take advantage.
Many young people share their lives online, often unwittingly revealing confidential details about their lives. Cyber criminals easily extract the information needed to create successful phishing attempts. Those that live in communal flats are easy targets for opportunists, who find it simple to take their post from unsecured reception areas, open a credit card in the addressee’s name and steal funds. Victims are left with wrecked credit scores and debts.
How can you persuade young employees to protect themselves?
As always, education is the key. Security starts offline – criminals will look out for unsecured communal post boxes in flats and will search through rubbish bags looking for bills and bank statements. Explain the need to:
- Shred everything, before binning any paperwork.
- Secure any letter boxes or post boxes.
- Don’t leave laptops, tablets or phones unattended.
- Report lost driving licenses or passports straight away.
- Follow up if expected mail fails to arrive.
- Check through bank statement for suspicious transactions.
- Regularly check credit ratings – if someone is making false applications for credit, it will appear on an individual’s credit reference file. These should be checked these at least once a year (or immediately if fraud is suspected).
Key points on online security include:
- Be careful what is published on social media sites. Use the strongest privacy settings. Some criminals sweep personal details from these sites to build a stronger target profile, so don’t post confidential information such as birthdays, or addresses. Don’t accept friend requests from unknown people, and be suspicious of any “acquaintances” asking for personal information on line.
- Don’t use unsecured connections in communal areas, such as restaurants or coffee shops.
- Use robust passwords and never share these with anyone and never write them down. We have had cases where people will write down their passwords on a yellow sticky note and attach them to their computer or desk. Please don’t do this…
- Update firewall, anti-virus and anti-spyware on anything that is used to access the internet – mobile phones, laptops and tablets.
- Never share passwords or PINs (personal identification numbers) with others and do not write them down…ever.
If you can persuade young employees or family members that they are at risk, and simple steps they can take, then much of the risk is reduced. Ongoing training and education aimed at all ages in the workplace is essential to keep personal and sensitive data safe.