Children's personal information is in high demand among cybercriminals, according to cybersecurity firm ESET. Scammers use it for many of the same purposes as adult information:
- Opening bank accounts for use in money laundering and scams.
- Open new credit card accounts to accumulate debt.
- Obtain benefits and loans or social assistance plans.
To carry out child identity theft, cybercriminals often collect personal data and then sell it on dark web marketplaces and forums for use by fraudsters.
The methods for obtaining these data are similar to those used to engage adults. They include the following:
Phishing via email, social networks or text messages
Children are lured into clicking on malicious links, installing information-stealing malware. Or they are tricked into giving up their personal information in a fake sweepstakes.
Third-party infringements
Child identity theft can also arise from data breaches to companies or organizations.
Acquisition of accounts
Games, social networks and online learning accounts can be valuable treasure troves of identity information. They can be compromised through phishing attacks or brute force attacks.
Excessive sharing on social networks
By sharing too much personal information through social accounts, including birth dates and details about their schooling, the child provides weapons to defraud them.
Physical theft
Scammers confiscate documents from the trash or even directly from the mail.
It should be noted that child identity theft by family members is common. In approximately 67% of households experiencing this phenomenon, the victim personally knew the perpetrator.
“Close access to confidential documents gives these family members the perfect opportunity, and the assumption of innocence means the fraud can go undetected for years,” ESET warns.
