Gen-Z, Millennials report identity theft more than any other generation – Forbes Advisor
Editorial Note: We earn a commission from affiliate links on Forbes Advisor. Commissions do not influence our editors’ opinions or assessments.
Identity theft is an insidious crime that exploits the weaknesses of every generation.
Whether you’re a smug Millennial whose favorite password is still your dog’s name or a lonely widower who gets hit by an online scam, you might be surprised to learn that no age group is immune to identity theft.
This type of fraud occurs when someone steals your personal information such as your name, social security number, password or address. They can use this information to open lines of credit, steal money from your bank account, take over a social media page or email accounts, claim unemployment and even file taxes.
And it’s a multi-billion dollar problem. According to the Federal Trade Commission (FTC), more than $5.8 billion was lost to fraud in 2021 alone.
For people who have spent their lives online, identity theft can seem like a vague threat, and the effort to protect themselves doesn’t feel worthwhile. But FTC data shows that young Americans are just as vulnerable as older Americans to identity theft scams.
Why younger generations are vulnerable to identity theft
In the third quarter of 2022, the majority of identity theft reports to the FTC were from people in these three age groups:
- 30 to 39 years old (30% of identity theft reports)
- 40 to 49 years (22%)
- 20 to 29 years (18%)
The irony of being a digital native and being highly vulnerable to digital fraud can come down to a false sense of security or simple inertia.
According to a recent Ernst & Young survey, Millennials and Gen-Z employees are less likely to follow cybersecurity protocols than their older counterparts. The survey found that younger generations who grew up with computers and internet access “are significantly more likely to ignore mandatory IT updates for as long as possible.”
“Younger generations are overconfident,” says Mike Steinbach, a former FBI executive assistant director who now heads fraud prevention for Citi Personal Banking and Wealth Management. “They may not be as careful because they’re comfortable online, and they’re also online more, so there’s more exposure to these scammers.”
While talking about identity theft isn’t the funnest topic of conversation for most people, it’s important to educate yourself, your children, and your elderly family members about the dangers of identity theft. The holidays can be the perfect opportunity to do so.
People aged 60 to 69 (8% of identity theft reports in the third quarter) and 70 to 79 (3%) reported identity theft at low rates compared to younger generations. But as FTC spokeswoman Juliana Gruenwald Henderson points out, that doesn’t necessarily mean they’re less vulnerable than other age groups. It may simply indicate that members of younger generations are more likely to report having been stolen, she says.
Cybercriminals use different tactics to target different types of people. For younger people, identity thieves may rely on indolence, such as not updating passwords often or not setting up two-factor authentication, Steinbach says. For older people, fraudsters can prey on vulnerabilities such as loneliness or a lack of technological knowledge.
3 types of identity theft to watch for
Credit card fraud, loan or rental fraud and bank fraud are the three most common forms of identity theft. Older Millennials between the ages of 30 and 39 are by far the largest group affected by all three types of fraud.
The older the age group, the less fraud is reported in these categories. Older members of Gen-X and the youngest Baby Boomers, ages 50 to 59, were half as likely to report credit card fraud as older Millennials.
Fraudsters often fish with dynamite when launching identity theft scams; they are not necessarily aimed at a certain demographic. For example, they can create a fake email or Facebook post and send it to hundreds or thousands of people. Even if only a fraction of these recipients take the bait, it could potentially be a sweet payday for the scammer.
Read more: What is phishing?
In 2021, more than one in four people who reported being victims of fraud said they came from a social media site. According to the FTC, social media was the most profitable way for scammers to make money in 2021.
“Anyone who discloses a lot of personally identifiable information via social media is a target for identity theft,” said David Pickett, senior cybersecurity analyst at OpenText Security Solutions.
Younger generations are more likely to use social media, with 84% of people aged 18 to 29 reporting using at least one social media site, according to Pew Research. This is consistent with younger people also reporting identity theft at higher rates. But older generations are not averse to social media – nearly half use at least one social media platform regularly.
Use of social media by age
Older adults lose more money to identity theft
While younger people report identity theft at a higher rate, older people report losing larger sums of money when they fall victim to a scheme.
In 2021, the median amount stolen via identity theft from people ages 20 to 29 was $500. Meanwhile, the median loss for people ages 80 and over was $1,500, according to FTC data.
“In dollar terms, older generations have most of the wealth,” says Steinbach. “There are certainly cases there [scammers] targeting specific individuals for their wealth.”
Elderly scams range from “grandparent” scams that encourage the victim to send money for emergency care, such as paying for a hospital visit, to romance scams, which prey on lonely or isolated older people.
Romance scams were the costliest scams used against older consumers in 2021, according to the FBI Internet Crime Complaint Center’s 2021 Elder Scam Report. These scams drained $432 million last year from people over 60.
“No matter your age, it’s important to take preventative measures that can help prevent various types of fraud and scams,” says Naftali Harris, CEO of SentiLink, an identity verification technology company that detects and blocks synthetic identities. “If something seems too good to be true, it probably is. If something seems wrong, it probably is.”
Identity theft can ruin your life – here’s how you can protect yourself and your loved ones
It may sound like an exaggeration to say that identity theft can dismantle someone’s life, but it’s not. People have lost their homes, savings, relationships and other cornerstones of their lives to identity theft.
However, you can take steps to prevent identity theft from happening in the first place.
Protect Yourself: Identity Theft Checklist
- Use a password manager. A password manager allows you to store strong passwords securely. Instead of creating simple passwords that you can remember but are easily hacked, a password manager will store long, randomly generated passwords for each account via encrypted software. Password managers, which can cost from $3 to $10 per month for an individual subscription, are not foolproof. Like all websites, they can be vulnerable to hackers, so although most cyber security experts recommend them, it’s wise not to rely on them as your only defense.
- Set up multi-factor authentication. Multi-factor authentication requires the user to verify their account in two or more ways, such as entering a password and then entering a code sent to their phone. This adds an extra layer of protection between you and hackers.
- Static questions provide the least possible protection. Static questions like “what is your mother’s maiden name?” is easily compromised, so it’s always a good idea to have another way to verify your account. To help thwart potential attackers, use fake answers to these questions (and make sure you keep track of your answers!).
- Do not log into personal accounts on public Wi-Fi. If the Wi-Fi at your local coffee shop is unencrypted, nearby users can potentially see what you’re sending over that network. Public Wi-Fi is not secure, so avoid logging into your bank account, password-protected websites, or other private networks while using it.
- Set alerts for all bank transactions. Many banking apps and websites allow you to set up various alerts, including transfer, deposit activity and low balance alerts. Contact the bank’s customer service department if you are unsure how to set up these notifications.
- Do not provide personal information on incoming calls or emails. If an organization you do business with calls you and asks for information or payment, call them back at a verified number (the number on the back of your credit card or on a bank statement, for example).
- Limit the amount of personal information you share on social media. Fraudsters use what is shared on social media as fodder for their schemes.
- If you’re approached with a story that seems fishy, do an online search. A simple web search can turn up known scams like the one you’ve been presented with. If you are unsure of the truth of the story, always go to the primary source. For example, call the IRS to ask for a refund (using a known number, not the one provided in a text message, phone call or email).
“Several years ago, it was very easy to spot a fake request. Now these identity thieves are very creative, says Steinbach. “You must be alert.”
Find the best identity theft protection services in 2022