3 Common Cybersecurity Mistakes that Can Lead to Identity Theft

3 Common Cybersecurity Mistakes that Can Lead to Identity Theft

Identity theft is a growing threat in 2022.

Since the onset of the pandemic, the incidence of cybercrime has increased exponentially. Just one type, identity fraud, increased by over 1,600% in 2020 alone.

Still, many of us continue making basic cybersecurity mistakes that throw the door wide open for identity thieves. Here are the three most common of these mistakes – and how to avoid them.

Leaving Your Social Media Profiles on Public 

The first major step towards identity theft prevention is to set your social media profiles to private. Make sure that only a select number of people have access to your personal information.

Public profiles on Facebook, Instagram, or Twitter offer unlimited ammo for cybercriminals. From answers to common security questions (Your mom’s maiden name? Your first pet?) to personal details like birthdays, all the information is at their fingertips.

In addition, having detailed knowledge of your social contacts also gives hackers all the weapons they need for a spear-phishing attack. This means that they specifically target a phishing email to you.

For instance, you could receive a mail from a “colleague” asking you to fill out a survey to fix a date for their birthday party. In reality, though, the link you click on installs malicious software on your machine.

Another threat of public profiles is that cybercriminals could gain enough data from them to use their identity to open new accounts.

Not Using Strong Passwords or 2FA

Yes, you have heard this piece of advice countless times before. No wonder – it’s high up on any list of fraud prevention tips. Nevertheless, not using strong passwords is still one of the most common causes of identity theft.

According to the latest statistics, the five most common passwords are still “123456”, “123456789”, “qwerty”, “password”, and “1234567”.

A moderately proficient hacker – or even an amateur with a little time on their hands – can crack any of these passwords instantly.

Passwords become harder to crack the more complex they are. For instance, a hacker’s algorithm can figure out any 7-character lower-case password instantly. Make it 10 characters, including lower- and uppercase letters, as well as numbers and special characters – and suddenly it takes the same algorithm five years to solve.

Another common failing is to snooze through activating two-factor authentication (2FA). 2FA means you need to check an extra security box – such as confirming that it’s you on a second device – before you get to log into your account. This can prevent 100% of bot attacks and 96% of automated phishing attacks.

Yet less than 10% of Google users and only 2% of Twitter users have 2FA activated.

Not Keeping Up With Breaches Or Monitoring Your Data

A final common mistake is to stay ignorant when your data has been breached.

In some cases, you’ll see an email in your inbox telling you that a company that has your details has been hacked.

From MyFitnessPal to LinkedIn, we trust dozens of companies with our personal information.

But when we get notified that they’ve been compromised and our data potentially exposed – most of us do nothing. Many of us don’t even open the mail in question, ironically, thinking we’re looking at spam.

Even worse, few breaches get noticed immediately. It takes companies an average of 206 days to realize they’ve been compromised. However, knowing that your data might have been compromised is essential. Only then will you be able to take the necessary steps to prevent serious consequences.

That’s why it’s crucial to check on your data periodically and to stay on the lookout for breach alerts.

One way to go is to use services such as haveibeenpwned.com. Here, you can enter your email addresses to check if they were compromised in any known data breach.

To go a step further, you can invest in cybersecurity software that includes dark web monitoring. This means an algorithm will constantly be scanning the dark web for your personal information – and alert you if it is found in hackers’ hands.


Identity theft can have disastrous consequences, affecting your personal life as well as your finances. That’s why it’s crucial to stay vigilant.

By changing the settings on your social media profiles, maintaining password standards, and keeping up with breaches, you can protect yourself. And your identity.

Related Posts