What really happens when someone steals your identity?

Credit cards
Type in your password while a keylogger is watching and your bank details are at risk (Image credit: Future)

Identity theft can happen in a variety of ways, such as stealing your wallet or purse, obtaining your personal information through a data breach, or even by tricking you into revealing your sensitive information through a phishing scam. Once the thieves have your identity, they can use it to open credit accounts, take out loans, or even commit crimes in your name. The consequences of identity theft can be devastating, including financial ruin and damage to your credit score. It's important to take steps to protect your personal information and monitor your accounts regularly to catch any suspicious activity.

How is your identity stolen?

Identity theft can occur in three different ways. The first way is when someone clones or copies your credit card, which usually happens when you're traveling abroad or in a big city. It's less common when you're at home or at places you visit regularly. The second way is when your personal information is leaked due to a massive data breach. The third method is phishing, used to deceive you into entering your personal information into a fake website through email, SMS messaging, or any other medium. 

Phishing relies on a sense of familiarity to trick you into thinking that the message is legitimate. As a result, you may click on a link in a fake email that appears to be a password reset or account restriction notice and then provide the information they ask for. This can lead to your electronic identity being stolen.

How does the identity travel? 

The theft of identities is a common occurrence, with the identities often being added to large databases that criminals can access and use. In the case of credit cards, they are usually tested to see if they work by making a small purchase. Alternatively, a more significant purchase may be sent to an unmarked address on an industrial estate before being sold, which is a form of money laundering. Essentially, it's like your digital identity travels around the internet until it finds a buyer while you remain in the comfort of your home.

(Image credit: TheDigitalArtist / Pixabay)

You're for sale on the Dark Web

Primarily, accounts with money attached are the most desirable. So, bank and credit card accounts, mortgages, online payments like PayPal, hire purchase deals, smartphone contracts - anything that requires a big chunk of personal data for approval.

The more complete the data, the more likely it is to sell.

Most people think of the internet and the web as the same thing. In truth, the internet is merely the infrastructure of routers, data hubs, DNS servers, and cabling. Like email, FTP, and the torrent network, the web sits on the internet.

So, too, does the Dark Web, a hidden portion of the online world accessed via the Tor browser. Think of this as a "wild west" internet that is difficult to police. Standard web search tools cannot crawl these sites so that you won't find any results about them on Google.

Like the back alleyway of the internet, the Dark Web is perfect for selling stolen data, weapons, drugs, and other dodgy deals. Remember, identity thieves are criminals with all illegal operations in progress.

How much is your ID worth?

The Dark Web provides a marketplace for buying and selling your identity.

Each record for sale on the Dark Web makes a profit for whoever stole it—the more comprehensive the data and the balance in the account, the higher the price. A study by Trend Micro found that bank logins alone are $200 to $500 per account.

Single credit cards are usually sold for under $100, with many under $10. This price is reflected in the unused credit available on the cards.

Meanwhile, accounts with mobile phone operators are available for a maximum of $14. That's a small fry compared to the $300 price tag slapped onto your well-used eBay and PayPal accounts.

Remember when you applied for credit and provided a scan or photocopy of your passport? Perhaps your wedding certificate? Those sell for up to $40 - after all, owning someone's passport details is an instant new identity.

It's disconcerting to learn how your digital identity is traded. So, here's a final sobering price: medical data is worth around $1000 per record. Let's hope your healthcare provider employs secure procedures to protect your data.

Where does your stolen identity go?

Criminals worldwide have access to databases of stolen credit card details, and entire identities—the more complete data collection is, the better. People with incredible wealth are more desirable to thieves, but the super-rich are rarely found here. Instead, they're usually targeted in a more specific manner.

Thanks to the internet, your stolen identity could end up anywhere worldwide. Financially speaking, you could simultaneously be in London buying trousers and having breakfast in Rio. However, this sort of activity typically results in credit card companies noting something wrong.

As such, your stolen identity probably doesn't travel far beyond your usual movement pattern. This way, identity criminals can enjoy the longest possible use of your ID. A week would be a long time, but more than enough time to ramp up huge debts in your name.

(Image credit: Shutterstock / Zeeker2526)

Keep hold of your identity

The risk is simple: someone who has the critical elements of your identity can claim to be you. ID fraud can be committed with that information and some basic research into your likely wealth.

Data breaches are impossible to prevent. So, the answer is to protect yourself. While your data languish on a database, ready to be used for automated phishing emails or more specific targeting, you can use security tools and credit monitoring services to reduce your exposure.

Cybercriminals don't like hard work. It takes time, and it isn't profitable. So instead, they aim for low-hanging fruit, easy wins. Don't be an easy win - make identity theft difficult, and the criminals will move on to the next victim.

More from TechRadar Pro

Bryan M Wolfe

Bryan M. Wolfe is a staff writer at TechRadar, iMore, and wherever Future can use him. Though his passion is Apple-based products, he doesn't have a problem using Windows and Android. Bryan's a single father of a 15-year-old daughter and a puppy, Isabelle. Thanks for reading!