Identity Theft – 40 Facts and Stats

Identity theft is the crime of obtaining an individual’s personal information and then using it for nefarious purposes. This personal information can be anything from credit card numbers, social security numbers, login details for bank accounts, access to personal government records, etc. The illegally obtained information is then exploited for various financial gains. These gains can be as simple as taking out a small payday loan, to as cruel as opening multiple credit lines and sinking the victim into years of debt. Determining the cause and effect of identity theft can be very difficult as the victims often don’t even realize that their identity has been compromised until it is very late.

Due to the massive ramifications that ID theft can have, it has become an issue that everyone browsing the internet should be aware of. They say knowing is half the battle, so we have gathered the most fascinating facts and statistics about identity theft so you can keep yourself updated on the rising dangers of having your personal information stolen.

Quick Facts about ID Theft

Identity theft is not a joke. Millions of families are affected by it every day, and it can cause huge financial losses as well. Here we take a quick look into some quick statistics about this new threat.

  1. In 2017, nearly 60 million Americans were affected by identity theft.
  2. ID theft cost the US economy $16 billion in 2018.
  3. About 1 in 10 Americans are affected by identity theft once in their life.
  4. Identity theft costs an individual $263 on an average.
  5. ID theft doesn’t just affect adults. Child ID theft caused a loss of around $540 million in 2017.

General Facts

Now let’s take a deep dive into the threat of Identity Theft and try to understand exactly how pervasive it has become in the modern world.

1. The time interval between new ID theft victims in the USA is only two seconds!: The USA is the most vulnerable country for Identity Theft. Due to the growing reliance on the internet by users and companies alike, ID thieves have a wealth of targets to exploit. According to some reports, every two seconds, a new person is targeted by ID thieves.

(Source: CNN)

2.  2016 was the worst year for ID theft, with a total of 15.4 million victims in the USA alone: Identity theft reached a peak in 2016, with nearly 5% of all American citizens reporting their identities having been stolen. Since this number id just the thefts that were reported, the real numbers may be as high as 10% of the entire American population.

(Source: USA Today)

3. The worst year for losses due to ID theft was 2012, with a record $24.7 billion loss from the economy: The financial downturn of 2012 was a highly tumultuous time for stock markets all around the world. This downturn was further exasperated by the perfect combination of security flaws, industries being forced to reject security measures in favor of keeping their business afloat, and the introduction of modern hacking architecture. This led to a huge bump in ID theft related crimes and cause the US economy to lose more than $24.7 billion.  

(Source: Cybercrime and Digital Forensics)

4. 56% of all ID theft victims are in the range of 30 – 59 years old: Identity thieves like targeting middle-aged people more than any other age group. This is because this age group is the group that generates the most amount of information that can be exploited for various purposes. A lot of people in this age group have multiple bank accounts, multiple credit lines, different types of insurance, etc. So, when ID thieves misuse their information to create a new line of credit, it takes a longer time to be noticed.

(Source: Federal Trade Commission)

5. One in four victims get notified of their stolen identity by their financial institutions: With the massive increase in the occurrence of identity theft, financial institutions have quite substantially tightened their security measures. They’re getting much better at catching cases of credit card and account fraud. As of 2018, at least 25% of victims reported getting notified of their compromised identity by their financial institution before any negative repercussions from the same.

(Source: Federal Trade Commission)

6. 10% of all URLs on the web are malicious in design: The fact that the internet is an unsafe place should come as no surprise to anyone. However, the extent of this lax safety might be a little shocking. According to the internet security provider Symantec, nearly 10% of all websites on the internet are exclusively designed to scam people out of their personal information.

(Source: Symantec)

7. Nearly 5000 websites are hit with viruses for stealing identities every month: The safety issue of the internet is not just limited to sketchy websites online. Scammers and hackers are continuously targeting reliable websites to try and obtain the personal information of the users. As many as 5000, reliable websites are targeted with ‘Formjacking’ viruses. These viruses are exclusively designed to exploit security weaknesses in these websites and steal information.

(Source: Symantec)

8. There were 1023 data breaches in the USA, the most in the world by far: As we discussed earlier, the USA is the county with the most attempts at ID theft. This is even more evident when we take into account the data breaches that large companies face. There have been massive breaches of information recently at companies like Equifax, Marriot, and even Yahoo. These breaches gave the hackers a lot of information on the users of these services. The second most data breaches happened in the UK, with a measly 38 breaches.

(Source: Medium)

9. Poor people are more susceptible to ID Theft: While it may seem counter-intuitive, people with an annual income of under $25,000 are at the most risk for ID theft. This might be because these people cannot invest in services that can keep their identity secure. As the income of a household rises, their risk of being a victim of ID theft drops considerably, with the lowest risk being for people with an annual income of over $100,000.

(Source: Federal Trade Commission)

10. 23% of fraud victims don’t get their money back: Getting scammed is a horrible experience for an individual. It can have far reaching repercussions on their lives for years. However, most people at least rest easy knowing that even if they do get scammed, their financial institutions would be able to recover their funds. This is unfortunately not the case. Amidst victims getting scammed and asking for reparations are also con artists who file fraudulent claims in order to get reparations for nothing in particular. As a result, the portion of victims who never get their money back has seen a steady climb, having tripled to be 23% since 2016.

(Source: Javelin Strategy Report)

11. Public Wi-Fi is one of the leading sources for ID thieves to exploit: A sign that says ‘Wi-Fi here’ is a sure-shot way for any business to draw in crowds. Coffee houses and diners have been offering the password to their Wi-Fi with every purchase for a long time. This incredible popularity of public sources of Wi-Fi has made them a haven for ID thieves. As many as 60% of people admit that they feel safe when using a public source of unsecured Wi-Fi. This sense of false safety is very dangerous as apart from data breaches, insecure Wi-Fi is the most prevalent route through which ID thieves strike.

(Source: Norton)

12. 87% of people access private information on unsecured networks: Now that we have seen the dangers of an unsecured network, it might surprise you to know that as many as 87% of all users access sensitive information on these public networks. All these people using public internet irresponsibly make them the perfect hunting ground for ID thieves.

 (Source: Norton)

13. One in six victims don’t realize their identity has been stolen for more than three years: The effects of ID theft are very far-reaching and can completely upend the victim’s lives. However, despite this being the case, there are many small ways in which the thieves can utilize the information they steal. This exploitation of information can sometimes be so subtle that the victim may not even realize their identity has been stolen for more than three years.

(Source: Federal Trade Commission)

14. Three out of four people don’t use VPNs to secure their information online: Virtual Private Network services re-route the user’s network connection through a server that masks their IP address and other private information. VPNs are by far the safest way to browse the internet, according to all security analysts. However, even despite the security advantages VPNs can provide and how easily they are available, barely 25% of internet users use them, putting their information at a massive risk.

(Source: Norton)

15. 13% of the people who report ID theft do not want police action to be taken: One might think that getting one’s identity stolen would be a horrifying prospect. While that may be true for most people, as many as 13% of all ID theft victims don’t want a police report being filed, and only seek to retrieve their identity.

(Source: Federal Trade Commission)

16. Most people don’t register for credit protection/identity security services: Despite the rising threat of ID theft and the growing awareness surrounding the issue, most adults choose to forego credit monitoring and other related identity security services. As many as 82% of all adults don’t have any sort of scam security system in place. This makes the jobs of ID thieves that much easier. The people most likely to obtain protection are the individuals who lie in the top 1% of the economy, making the poorer sections of society more susceptible to ID theft.

(Source: Experian)

17. One in three adults share their confidential login details with someone: Like most other serious crimes, IDs can be stolen by people that the victim knows personally. Despite this fact, almost 33% of all adults in the USA admit to having shared their personal information and login credentials to banks with someone they know. Often it is a spouse, but can also be parents, siblings, etc. While these people may not be the ones stealing your identity, their systems can be attacked by a hacker, leading to your identity being compromised. Just don’t share personal credentials with anyone!

(Source: Tech Insurance)

Different Types of ID Fraud

Identity theft can take a variety of forms, and not all of them are the same when it comes to threats. Victims might not even notice some of these, and some leave their victims absolutely destitute. Let’s look at the different types of ID theft and the number of victims associated with them.

18. 92% of all IDs are stolen as a result of data breaches: As discussed, data breaches are huge sources of information for hackers. As many as 92% of all IDs get stolen as a direct result of these breaches. The appropriation of these IDs mostly happens over the Dark Web as a lot of the IDs stolen from these data breaches end up for sale on a variety of marketplaces.

(Source: Tech Insurance)

19. Account takeovers increased by 61% from 2015: Account Takeover Fraud refers to when an ID thief obtains the login credentials to a person’s bank accounts. They then use this information to lock out the original user completely. The user can then only watch as thieves drain their accounts. Since they are locked out of their account and the details have been changed, it is very difficult to get the account and the money back. There have been1.4 million incidents in 2018, a startling 61% rise from 2015.

(Source: Javelin Strategy Report)

20. Mobile account takeovers increased dramatically, seeing a steep 178% rise: Similar to a bank account takeover, mobile account takeovers refer to the control of a mobile account being transferred to a thief. However, mobile accounts present a unique problem for the original users, since they lose all communication to their carrier if that is their only mobile account. Following this, and the massive increase in offshore call centers for mobile companies, the chances of getting a mobile account back is negligent at best. Mobile numbers can then be used as a valid form of ID for a variety of other accounts, including some bank accounts. These lack of avenues for the user to take, and the unfettered access to the user’s life the mobile number gives, make mobile account takeovers a very lucrative option for ID thieves. From 2015 to 2018, the incidents of this type of ID theft increased from 380,000 to 679,000.

(Source: Javelin Strategy Report)

21. New Account Fraud has increased by 138% from 2014 to 2019: New account fraud refers to the creation of a new account using a stolen set of personal information. While it does not financially damage the victim directly, it can cause their credit score to take a massive hit, making it very difficult for them to secure a loan or insurance in the future. If this happens at a critical point in someone’s life, maybe during a medical emergency or when they are buying a new house, etc., a bad credit score can set them back drastically. Due to the nature of the scam, it might not be discovered until it is too late to catch the fraudster. New account fraud is also on a steep rise, seeing an increase of nearly 138% in incidents from 2014.

(Source: Helpnet Security)

22. Nearly 1.3 million children were affected by Identity Theft in 2018: Children are also not safe from ID theft and are often an even more lucrative target than adults. This is due to the fact that most children don’t have any accounts present in their names, and the crime may not be noticed until the child grows up and tries to open an account. Then they might notice that their credit score is already horrible, forcing them to take a higher rate of interest for student loans etc. This can be severely damaging for someone just starting their financial life.

(Source: Business Insider)

23. Phishing is still the leading cause of ID theft among people above the age of 55 years: Phishing refers to obtaining someone’s private details by gaining their trust. This is mainly done via trustworthy sounding emails/phone calls from the victim’s bank. This method of obtaining information is mainly used on elderly people since they are more likely to trust a suspicious email from an unverifiable source. While the modern ID thief might utilize sophisticated technology to obtain private information of middle-aged adults, phishing is still the leading source of ID theft among the elderly.

(Source: ACFE)

24. Credit Card Fraud incidents decreased by 34% since 2017: Ever since credit cards were introduced, they have been a favorite target of fraudsters. They allow a fraud to be undetected for a longer period of time than the simple extraction of funds from someone’s bank account. However, with the recent introduction of EMV based cards, duplicating someone’s credit card has become increasingly tough. This has led to a significant decrease in card-present scams. Since just 2017, there has been a drop of 34% in the incidents involving card present scams, and the number is soon expected to drop by a further 47% due to the complete gradual phasing out of magnetic cards.

(Source: Forbes)

25. Card Not Present fraud increased by 7% globally since 2017: While card present scams might be on a decline due to EMV based cards becoming the norm, card not present (CNP) is seeing an increase in the incidents rate. This increase is mainly due to the prevalence of e-commerce websites, wherein people input their account details rather freely. A data breach at the parent company of the e-commerce store might let this incredibly sensitive data of the user to fall into malicious hands. There is also the case of people accessing their accounts and inputting their sensitive data over an unsecured public network, which may let an individual steal the data directly. All these factors have led to an increase of 7% in the number of CNP scams worldwide.

(Source: Security Intelligence)

26. In Australia, card not present fraud accounted for up to 85% of all fraud: Australia seems to be the worst hit with CNP scams, with the Australian Payment Network estimating that CNP cams accounted for nearly all of the scams that occurred in Australia. The report suggests a figure of somewhere between 78% to 85% of all scams are CNP based frauds.

(Source: Australian Payment Network)

27. Deepfaking is the newest way to steal identities, especially from public figures: Deepfake is a very new technology that allows an AI algorithm to morph the voice and face of a person to resemble someone else entirely. This is achieved by analyzing and processing hours of footage and hundreds of images to produce the perfect facsimile of a person. Due to the requirement of hours of data, only highly public figures can be deepfaked. This technology was used by a, as of yet unidentified, fraudster to scam the CEO of a well-known energy company. The CEO stated that he believed he was talking to the CEO of his parent company. The fraud, using his boss’s voice, instructed him to immediately transfer $243,000 into a Hungarian account, which was then transferred to a Mexican account and redistributed to avoid detection. This case marked the first instance of an AI-supported phone scam.

(Source: Forbes)

Money Matters

Now that we have seen the extent to which ID theft can penetrate into our society, let’s look at some of the hard financial repercussions of the same.

28. New Account Fraud (NAF) in 2018 caused nearly $3.4 billion in losses: As we discussed, NAF doesn’t hurt the victim, whose ID has been stolen, directly, but does cause massive losses for the bank providing the line of credit. So, the effect this has is on the economy of the country directly. It cost the USA economy nearly $3.4 billion in 2018, and the figure is expected to jump to almost $4.2 billion by the close of 2019.

(Source: Forbes)

29. Account Takeover Fraud cost banks almost $4 billion in losses in 2018: Unlike NAF, ATF costs both the victim and the bank heavily. The victim usually ends up losing their life savings and need to approach the bank for reimbursements. These reimbursements usually take multiple months, and sometimes even more than a year, to go through, causing immense financial problems for the victim. The bank, on the other hand, loses the entire amount. ATF accounted for the USA economy losing almost $4 billion in 2018, with it projected to increase to $4.7 billion in 2019.

(Source: Forbes)

30. Credit Card fraud reduced marginally from $8.1 billion in 2017 to $6.4 billion by 2018: The decline in the number of incidents relating to credit card scams have been mirrored in the number of losses it causes to the economy. The amount of money spent on credit card fraud dropped by 26%, from $8.1 billion to $6.4 billion. However, it isn’t expected to drop much more as more sophisticated ways to conduct CNP scams come to light.

(Source: Forbes)

31. Child Identity Theft causes nearly 16.25% of all ID theft-related losses in 2018: Due to the reasons we listed out earlier, child identity theft is getting very popular. It causes a whole host of issues for the parents and the child alike. In 2018, CIT caused $540 million out of pocket losses for the parents, and caused $2.6 billion in losses for the overall economy.

(Source: Business Insider)

32. On an average, victims need to spend up to 330 hours and $1000 to get their cases fixed: Every problem can be fixed, including getting one’s identity stolen. While this might be the case, getting an identity back is easier said than done. On an average it might take someone as long as 2 weeks and $1000 to get their identities cleared of any issues that the thief might have created.

(Source: New Mexico Bank)

Weird Cases of ID Theft

While we have been looking at the scary facts about ID theft and the damaging effect it has on people’s lives, there also have been some truly bizarre cases of ID theft. These cases, for the most part, did not cause too much damage but are interesting to learn about.

33. The inspiration for Catch Me if You Can: Arguably the most famous Frank Abagnale, who is the inspiration behind Leonardo DiCaprio’s character in this mesmerising movie ‘Catch Me if You Can.’ Starting from 1968, Frank successfully stole the identities of multiple people, including a naval commander, a used car salesman, a bank official, and even a high powered CEO. He used these IDs to write bad checks worth nearly $2.5 million (the movie inflated this number to $5 million). Adjusting for inflation, he stole nearly $21 million! The most surprising fact about his crimes is the fact that he did all of them when he was 15 – 21 years old!

(Source: Frank Abagnale)

34. Oprah and Steven Spielberg want to pay a busboy millions of dollars in tips: Everyone dreams of being as financially stable as big Hollywood movie stars. In 2001, one guy, Abraham Abdallah, decided to do something to achieve this stability. Only he didn’t star in a multimillion-dollar movie. Instead, he decided to learn how to obtain private information via the exploitation of the security flaws in libraries and the early internet. He managed to obtain the social security and credit card numbers of extremely high profile people, including Oprah and Steven Spielberg. He was only caught when he attempted to transfer $10 million into his private account from the CEO of a powerful software company.

 (Source: The Guardian)

35. Give me an I, give me a D, give me a T-H-E-F-T!: A lot of people really want to go back to high school and do everything that they didn’t get a chance to do. However, nobody actually acts on these impulses. Well, almost nobody. A 33-year-old mother decided that she wanted to be a cheerleader as she didn’t get the chance to do that in her own high school. So, she stole her own daughter’s identity and enrolled in high school.  She attended this school for nearly three weeks, even attending a pool party held by the cheerleading coach. She was arrested soon after the party and was dubbed ‘Pom-Pom Mom’ by the media. There was even a movie loosely based around her called ‘Identity Theft of a Cheerleader.’

(Source: The Atlantic)

36. Sure, everyone can have my identity: Hubris can be a dangerous thing. Todd Davis learned this lesson the hard way when he decided that the identity securing service his company, Lifelock, provided was good enough for a huge publicity stunt. He decided to publish his actual social security number on a huge variety of advertisements for his company. His social security number was plastered over billboards, TV ads, magazine ads, and even pamphlets that were sent out to people’s homes. It was soon apparent why people are advised against giving out their social security number to strangers. His identity got stolen 13 times within the next month, which his company wasn’t able to prevent at all.

(Source: Business Insider)

37. Stealing identities just to post some reviews: When people steal someone else’s identity, it is usually to use it for financial gain. However, monetary gain was far away from Raphael Golb’s mind when he decided to steal the identities of various well-respected professors and academics. Instead, he wanted to use these identities to help his father’s professional career. His father, Norman Golb, had come up with a heavily criticized theory regarding the Dead Sea Scrolls and had been suffering from depression due to the academic industry’s critique. Raphael, therefore, used the stolen identities to post favorable reviews and praises for his father’s work on the Dead Sea Scrolls. His deception was soon caught, and he was arrested for felony identity theft.

(Source: New York Times)

38. Back to school, as a guy this time: Barbora Skrlova was a 33-year-old woman living in the Czech city of Brno. Due to reasons that her psychiatrists haven’t made public, she had a very strong urge to appear and act as a teenager. So strong, that she joined a cult, faked her birth certificate and posed as a 13-year-old girl, adopted by Klara Mauerova, another cult member. Mauerova was soon accused of abusing her two younger biological sons, leading to the police wanting to question Barbora. To avoid the police Barbora ran away to the city of Oslo, where she posed as a 13-year-old boy, Adam. She achieved this by shaving her hair and taping her breasts. Soon the police started to close in on her for the Mauerova case, still believing she was a child. She subsequently ran away from Oslo, prompting a missing child case to be filed and a nationwide search being launched. That led the police to Tromsoe, and the whole scam was unraveled. Barbora was placed under state psychiatric care and was institutionalized soon after.

(Source: CBS News)

39. Don’t be yourself; you’ll get arrested: Being faced with massive debt and the impending bankruptcy associated with it is not a situation anyone would like to face. However, this is the exact situation in which poor Ming Li found himself. Though instead of trying to pay off his debt, he decided to fake his own death. It was a convincing affair as well, complete with an obituary and funeral. His deception only came to light when he tried to apply for a driver’s license, using his original birth certificate. The DMV, not accustomed to serving dead people, informed the police, and Ming Li was arrested for trying to appropriate the identity of Ming Li.


40. The 91-year-old woman going trekking and flying to Paris for a weekend getaway: Receiving the mail of the previous tenant is something that a lot of new residents have to deal with. Most people return the mail to the post office or forward the mail to the person to whom it belongs.Nicola Marlton-Thomas, however, had different plans. When she started receiving mail for Eunice Lee, a 91-year-old woman who had died two years prior, she conducted some investigations. Upon finding out about Eunice’s death and lack of heirs, she went on a spending spree using the €33,000 in Eunice’s bank accounts. She was caught when the bank grew suspicious of the activity that the accounts were seeing, including a ticket to Paris, several luxury dresses, and even camping gear.

(Source: Daily Mail)

Sources and References:

  1. CNN
  2. USA Today
  3. Cybercrime and Digital Forensics
  4. Federal Trade Commission
  5. Federal Trade Commission
  6. Symantec
  7. Symantec
  8. Medium
  9. Federal Trade Commission
  10. Javelin Strategy Report
  11. Norton
  12. Norton
  13. Federal Trade Commission
  14. Norton
  15. Federal Trade Commission
  16. Experian
  17. Tech Insurance
  18. Tech Insurance
  19. Javelin Strategy Report
  20. Javelin Strategy Report
  21. Helpnet Security
  22. Business Insider
  23. ACFE
  24. Forbes
  25. Security Intelligence
  26. Australian Payment Network
  27. Forbes
  28. Forbes
  29. Forbes
  30. Forbes
  31. Business Insider
  32. New Mexico Bank
  33. Frank Abagnale
  34. The Guardian
  35. The Atlantic
  36. Business Insider
  37. New York Times
  38. CBS News
  40. Daily Mail