Gabi Power 08 November 2022 09:12:01 AEDT 13 MIN READ

What is Identity Theft?

According to ScamWatch, from January to September of 2022, Identity Theft was the 4th most commonly reported scam type in Australia and cost citizens almost $8 million. 

Identity theft is when a criminal gains access to your personal information and is able to use it without permission for their benefit, financial or otherwise. Often identities are stolen and used in illegal activities, such as creating fake identity documents with your name, applying for real IDs, or getting loans, credit cards, and mobile phone contracts. These sorts of scams can have devastating financial and emotional impacts on the victim and may remain unresolved or cause problems for years. 

The Crimes Act 1958 defines identity theft as “information relating to a person (whether living or dead, or whether real or fictitious), that is capable of being used (whether alone or in conjunction with other information), to identify, or purportedly identify, the person”.  

If you think you’ve fallen victim to a scam, check out our guide on what to do here 

Personal information that’s included under this definition include:  

  • A name, address, date of birth or place of birth 
  • Information as to the person’s marital status 
  • Information that identifies another person as a relative of the person 
  • A driver licence or driver licence number 
  • A passport or passport number 
  • Biometric data 
  • A voice print 
  • A credit or debit card, its number or data stored or encrypted on it 
  • A financial account number, user name or password 
  • A digital signature 
  • A series of numbers or letters (or both) intended for use as a means of personal identification 
  • An Australian Business Number 

Identity theft is most commonly a result of phishing, hacking, remote access scams, malware/ransomware, and data breaches, but even what you post on social media can provide a determined scammer with enough information to impersonate you.  

It’s likely that you won’t realise immediately that your identity has been stolen, but after some weeks, or even months, you may begin to see some warning signs. ScamWatch advises that the most common signs of identity theft are:  

  • Charges on your bank statement that you don’t recognise, or unusual bills arriving in your name 
  • Calls, text messages, or emails about products/services that you’ve never used  
  • Missing mail  
  • Strange emails landing in your inbox 
  • A sudden increase in abnormal text messages, phone calls, or messages on social media 

To keep your identity safe, you should always:  

  • Protect sensitive information. Don’t overshare on social media or provide your personally identifiable information (PII) to anyone you don’t know, who reaches out unexpectedly via phone call, SMS or email 
  • Create strong, unique passwords and do not share them with anyone 
  • Delete suspicious emails and text messages immediately without opening or clicking on any links/attachments 
  • Never provide a stranger remote access to your device 
  • Make sure that you have anti-virus and anti-spyware software installed, and that it’s up to date 
  • Lock your mailbox and shred documents that contain sensitive information before you dispose of them 

ScamWatch also warns that “If you think you have provided your account details, passport, tax file number, licence, Medicare or other personal identification details to a scammer, contact your bank, financial institution, or other relevant agencies immediately.”   

If you believe you have fallen victim to identity theft, learn where to report it here, and contact IDCARE, which is a free government-funded service which supports individuals and organisations that have concerns about their PII or cybersecurity in general. You can contact them through their website, or by calling 1800 595 160 (AUS) or 0800 121 068 (NZ).  


Keep Your Business Protected 

Prevention is always better than a cure, and the best defence is for your businesses to proactively boost its cyber resilience levels to avoid threats landing in inboxes in the first place. The fact that a staggering 94% of malware attacks are delivered by email, makes email an extremely important vector for your business to fortify. 

No one vendor can stop all threats, so don’t leave your business exposed. If you are using Microsoft 365 or Google Workspace, you should also have third-party solutions in place to mitigate your risk. For example, using a specialist cloud email security solution like MailGuard to complement Microsoft 365.  

For more information about how MailGuard can help defend your inboxes, reach out to our team at . 


Keep Informed with Weekly Updates