We live in a world where we can all expect to have our online identities hacked at any moment. Adam Levin’s new book argues that there’s plenty we can do to prevent ourselves from being the next victims.
Once we lived in a more simple time, consoled by the thought that there were only two absolute certainties in life: death and taxes. But now, at least according to author Adam Levin, we can add a third to that list: identity theft. Levin, whose new book ‘Swiped’ deals with how to protect yourself in a world full of scammers, phishers and ID thieves, knows what he’s talking about. With more than three decades as a consumer advocate and chair of Identity Theft 911, he’s made it his life’s work to come to grips with a social phenomenon that affects us all.
We like to think that we do our best to protect ourselves from hackers, dreaming up endlessly convoluted airtight passwords and jacking up our spam filtering to ever-increasing levels of paranoia. But the truth is, as Levin says: “we are up against people who treat stealing identities as a full-time job”.
Identity theft is committed for many reasons: financial gain and espionage are the most common, closely followed by hiding criminal activity. Levin says that there are “a host of motivations between those extremes. It’s easier to commit these crimes in the digital environment, because one only needs information - highly gettable information.” The activity is made easier as the public becomes more committed to sharing the minutiae of their daily lives on social media, digitally telegraphing purchases, celebrating birthdays and new jobs, chronicling life experiences (often in real time) and seeking relationships. All of these activities “provide the would-be identity thief with the means and opportunity to commit crimes against them”.
The big mistake we all make, of course, is thinking that it won’t happen to us, and that it will happen to ‘some other guy’. If you think that you aren’t rich or important enough to become a victim, then think again.
"In the right hands, your identity holds value. Depending on the quality and quantity of the information: great value. An identity thief isn't necessarily looking to cash out a mortgage obtained in your name." It could be as mundane as a hacker purchasing a new TV online and then selling it on eBay. “It can be as simple as an unnoticed small charge on your credit card. If an identity thief can charge a few dollars on a thousand cards, he or she has made a good amount of money.”
It’s official, then. The world is a nastier, sneakier and more confrontational place than it once was. This is not necessarily a view shared by Levin, although he does admit that the landscape has changed. “The world is probably the same as it ever was. But because our lives in many important ways - education, personal communication, health care, finance, credit - are managed in an online environment, the attackable surface has grown tremendously. Because technology continues to evolve and the thirst for data has grown exponentially, there are simply more opportunities for small-time (and big-time) malfeasance than ever before.”
This isn’t made any easier by the fact that there probably is no such thing as a safe password. “There will always be someone out there who is clever enough, creative enough, persistent enough and with enough time and computing power to crack a password. The goal is to create a dynamic data security environment where there is never enough time for that clever person to crack your security protocols.”
Spreading the word
Levin says that he wrote ‘Swiped’ because he had to, from a desire to clear up what he regarded as being serious misconceptions and significant misinformation about identity theft and identity related crime. He thinks that too many people are living with their heads either in the clouds or buried in the sand when it comes to protecting themselves from a new era of cyber crime. And where the message is clear, it isn’t getting through, leaving people exposed and vulnerable.
According to Levin, too many businesses are failing to step up and protect what he calls “their most precious asset - the sensitive personal information of their customers and employees.” He goes on to say that: “too many governments have not done enough to protect the privacy, safety and welfare of their citizens by demanding higher security standards from both public and private sectors. There are so many ways people and organisations can make themselves harder to hit - relatively easy ways that can be incorporated into daily life. This includes the adoption of a culture of privacy and security. And so I felt it was the right moment to stand up.”
What Levin is standing up to is global identity theft on a scale that is hard to comprehend. “More than one billion records have been exposed. And that’s what we know about. The extent of exposure worldwide is very likely to be much more grave, and the amount of money lost is in the billions annually. This is rapidly becoming a trillion-dollar worldwide issue.”
Inevitably, conversations of this nature will drift into the most obvious question: what can we do about it? And the answer is to simply become more aware. According to Levin, identity theft goes way beyond being an inconvenient possibility, straying firmly into the territory of being an absolute certainty. He says that his book will help readers to “better understand this new reality, and provide them with tools and best practices that they can use to make themselves less exposed, more aware and better prepared to contain and recover from identity related crimes.”
He goes on to explained that while ‘Swiped’ is aimed at the consumer market, it is simultaneously an important set of ideas for engineers and technologists, indeed anyone creating systems for enterprises that handle personally identifiable information.
The good news is that we can all improve the security of our online identities. Levin says we need to become more careful with sensitive personal information, treating it as “the asset it truly is.”
If you are on social media, he says, make sure your privacy settings are set tight so as few people as possible can see what you’re saying to your friends. And most importantly: “Make sure your friends really are your friends.”