Child identity theft is becoming a prevalent issue in today’s digital age, with a staggering number of young victims falling prey to criminals. In 2022 alone, nearly a million children in the US experienced identity theft, resulting in an average cost of $1,128 per household and taking approximately 16 hours to resolve. These incidents collectively cost Americans over $1 billion annually, underscoring the severity of the problem.
The demand for children’s personal information among criminals is alarmingly high, and the methods they employ to steal it vary. Fraudsters exploit children’s identity data for purposes similar to those involving adults’ information, such as opening bank accounts for money laundering and scams, creating new credit card accounts to accumulate debt, and fraudulently obtaining welfare benefits and loans.
One factor that contributes to the attractiveness of children’s personal information is the absence of bad credit ratings. Unlike adults, children generally do not have credit history, which provides fraudsters with a greater level of confidence that their attempts at monetizing stolen identity data will not be hindered by banks or government entities. Additionally, young victims are less likely to notice that their identities have been compromised, as they are not accustomed to regularly monitoring their bank accounts or credit reports. Consequently, fraud schemes targeting children can go undetected for extended periods, sometimes years.
Synthetic fraud is another technique frequently employed when dealing with child identity data. Scammers combine real and fake personal data from various sources to create a new identity that benefits from a clean credit history. This allows criminals to evade suspicion and further exploit the stolen information.
The cybercrime underground operates as a well-organized system, with different actors fulfilling specific roles. Cybercriminals typically harvest personal data and sell it on dark web marketplaces and forums for fraudsters to use in subsequent attacks. The methods employed to obtain this data are reminiscent of those employed to compromise adults’ information. Phishing is a common method that involves luring individuals into clicking on malicious links, leading to the installation of information-stealing malware or tricking victims into divulging their personal details under false pretenses.
Third-party data breaches also expose a significant number of children to potential identity theft. In 2022, approximately 7 million American children, or 1 in every 43, had their personal information exposed due to data breaches that were not their fault. Account takeover is another method employed by criminals, whereby gaming, social media, and online learning accounts become valuable sources of identity information. These accounts can be compromised through phishing attacks, brute-force password cracking, and other techniques.
Parents must also be cautious about oversharing personal information about their children on social media platforms. While well-intentioned, sharing excessive details about their children’s lives can inadvertently give criminals the necessary information to perpetrate identity theft schemes. Even seemingly innocuous information, such as birthdates and schooling details, can be weaponized by fraudsters to extract more information and perpetrate additional scams.
Another surprising revelation is that a significant percentage of child identity theft cases involve familial fraud. In an estimated 67% of households that experience child identity theft, the victim knew the perpetrator personally. Family members with close access to sensitive documents can easily exploit their relationships and perpetrate fraud while assuming an air of innocence. Consequently, these cases often go undetected for extended periods.
Physical theft remains a popular method employed by criminals, who seize documents from trash cans or intercept them directly from the mail. Despite the growing prominence of digital crimes, old-fashioned methods can still yield successful results for fraudsters.
Safeguarding a child’s identity requires implementing tried-and-tested best practices that are both effective and manageable. One crucial step is to refrain from oversharing information about children on social media platforms. Parents should exercise caution and avoid “sharenting” unless their accounts are well-secured. Monitoring a child’s accounts for suspicious or unusual activity, such as unauthorized transactions or changes, is also vital in preventing and identifying identity theft incidents.
Parents can consider imposing a credit freeze on their child’s behalf with the three major US credit bureaus. By doing so, banks and other service providers will be unable to issue loans or credit in the child’s name, providing an added layer of protection. Keeping all household devices updated with the latest patches and anti-malware software is imperative to thwart cybercriminals’ attempts to exploit vulnerabilities.
Additionally, educating children about the dangers of oversharing on social media, falling victim to phishing attacks, and the general risks of identity theft is essential. Parents should encourage their children to limit the number of accounts and services they sign up for, opting to enter the parent’s details where needed instead.
Beyond prevention, staying vigilant and being aware of warning signs are critical in combating child identity theft. Unusual or unexpected bills/statements addressed to a child, denied welfare benefits due to previous payments, IRS letters demanding taxes from a child, and rejected bank account applications are all red flags that warrant further investigation. Collection agencies contacting parents inquiring about the whereabouts of their child is another indication of potential identity theft.
In the unfortunate event that child identity theft is confirmed, immediate action is crucial. Obtaining a credit report for the child and placing a freeze on any suspicious accounts is paramount. Reporting the incident to the Federal Trade Commission (FTC) and local law enforcement authorities is important as well. Notifying the three major credit bureaus about the incident and requesting closure of any fraudulent accounts opened in the child’s name is vital to mitigate further damage. Written confirmation that the child is not responsible for the fraudulent activity should also be obtained from the relevant organizations.
Child identity theft is an unfortunate reality that parents must contend with in today’s interconnected world. While it may require more effort and vigilance to combat this issue, being a responsible parent in the digital age is non-negotiable. Implementing preventative measures, staying alert to warning signs, and promptly addressing any incidents will help safeguard our children’s identities and protect them from significant financial and emotional harm.