Kroll outlines Top Five tips for protecting against identity theft
20 January 2021
KROLL – A division of Duff & Phelps, the specialist in risk mitigation, investigations, compliance, cyber resilience, security and incident response solutions – has outlined the five most effective strategies it believes will guard against the increasing threat of identity fraud.
The strategies are based on findings from a Kroll survey of nearly 200 audit professionals. This reveals that over half (55%) of respondents said that fraud risk has increased in their business since the shift to remote working, with a further 10% suggesting that risk has increased significantly. It’s widely understood that identity fraud poses huge risks to consumers, but the dangers to businesses are often underestimated.
As remote working is set to continue for most businesses for some time to come – and, concurrently, identity fraud cases continue to rise – Kroll has detailed the five best strategies for mitigating exposure to fraudsters.
Beware of phishing e-mails
Scammers will use fake e-mails and text messages, often masquerading as trusted institutions such as banks, schools, universities and employers, to trick people into giving away their personal information. For example, someone may impersonate someone in a senior leadership position within a business and ask a junior employee for a password or confidential information.
Phishing has now progressed beyond the clumsy, poorly-written efforts of the past, but many such e-mails still contain tell-tale signs of a scam such as poor formatting, unofficial e-mail addresses and a lack of consistency with company e-mail practices.
Don’t re-use passwords
For the majority, poor password practice simply boils down to security fatigue: a weariness or reluctance to deal with computer security. Using a password manager is an excellent solution to this issue and offloads much of that effort that goes into organising passwords on a digital platform.
Businesses should ask their employees to change their passwords regularly in order to mitigate the risks of a breach.
Activate two-factor authentication
Many online accounts offer two-factor authentication and enabling this service can help to prevent online account takeover, especially so in terms of financial institutions. When logging into a bank account, for example, the individual concerned will be sent a text or e-mail with a code that’s needed in order to access the account. This adds another layer of security to personal information.
Businesses should look for systems that offer this level of login security for all possible systems, including corporate bank cards and accounts, but focusing on those areas that are most vulnerable (like e-mail accounts and data storage).
Sign up for activity alerts
Activity alerts from bank or credit card companies can notify individuals of any suspicious activity associated with their account(s). The individual is often notified immediately and so can act to prevent any further fraudulent charges or withdrawals. This applies to business as well as personal accounts, giving a full picture of potential vulnerabilities.
Establish identity or credit monitoring
Register company e-mail addresses and passwords, so too any other sensitive data like bank details, with an identity monitoring service to receive a warning if data is under threat.
Such data is often traded on the Dark Web, but monitoring services focus on places where it’s known to be bought and sold and alerts the individual if their data is identified, allowing that person to reset passwords and login details or contact their bank to cancel cards.
Consumers should do the same with their debit or credit cards and any other data that could be vulnerable.
David White, associate managing director at Kroll, commented: “Anyone, an individual or a business, can become a victim of identity fraud. The highly interconnected and digital world in which society now operates means that criminals have become increasingly sophisticated and, as tech continues to move forwards, so do the criminals’ methods for perpetrating fraud.”
White continued: “Worryingly, the fraudsters are not only becoming more versatile, but also more effective. This upward trend is set to continue. It’s therefore more important than ever to stay vigilant and take the necessary steps to guard against identity fraud, as is the case with all other types of fraud. Effective security essentially boils down to layering a series of defence mechanisms to reduce overall risk. Incorporating the steps we’ve shared is a great place to start for businesses, employees and consumers.”