By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
Vigilance against identity theft and identity impersonation

How to Safeguard your Identity: Spotting Identity Impersonation


January 22, 2024

In this comprehensive article, we'll present the most common types of identity fraud and some best practices to avoid being targeted. From risk factors to prevention strategies, we'll equip you with the knowledge you need to protect your identity against digital fraudsters waiting for the right moment to strike. 

Nowadays, owning a home is a dream shared by many, yet increasingly difficult to realise. Undoubtedly, it is a symbol of stability, success, and a financial investment that often takes years to achieve.


In particular, the innovations brought about by the World Wide Web have introduced property owners to both new opportunities and challenges - and one of the most insidious of these digital threats is identity impersonation.

In order to defend yourself from such schemes, it essential to learn to recognise the different kinds of online identity theft techniques.


Common Types of Identity Fraud


The digital age has transformed the way we buy, sell, and manage our homes. Property listings have moved from newspapers to online platforms, making it easier for homeowners to reach a wider audience, but also providing fraudsters with new opportunities for orchestrating identity impersonation and property frauds.


Property owners need to stay informed on updates and developments not to find themselves unprepared against the latest identity impersonation techniques. Let’s briefly review the most widespread types of identity fraud to be aware of in the constant struggle to safeguard property ownership and identity.




Identity Spoofing


Identity spoofing is a widespread online technique that fraudsters employ to get their hands on sensitive data and information, which are then used to commit title fraud and other illegal activities.


Spoofing typically involves impersonating the identity of the target through the creation of fake accounts associated with the victim, such as email addresses, social media profiles, and bank accounts.


There are several ways in which cybercriminals can manage to do so, ranging from “simple” phishing emails (more about phishing below) to the use of high-tech software able to create realistic false identities very difficult to disprove.


Some sub-categories of identity spoofing include email spoofing, website spoofing, and IP spoofing – which is usually employed to perform DoS (Denial-of-Service) attacks.


Although it is often equated to identity theft, most likely because both deal with a victim’s private information, spoofing is different from your typical identity theft due to a few critical characteristics. 


Identity theft is focused on stealing sensitive information from victims – such as name, date of birth, credit card number and so on – in order to compromise the security of their unique identification to perform various types of fraud (including property fraud).

Spoofing instead is concerned with creating seemingly legitimate online sources of identification to impersonate someone, with the purpose of using them to gain other sensitive information or spread malware in their name.


For this reason, spoofing is often used by fraudsters as a preparatory technique to enable identity theft.





Phishing is probably the most common type of identity impersonation technique, and certainly one of the very first to be used online since the dawn of the internet age.


One of the causes of its popularity among cybercriminals is that it is surprisingly easy to carry out and, despite being around for a very long time, still shows high percentages of success.


During a phishing attack, victims are contacted via mail or text messages by fraudsters impersonating legitimate institutions – such as banks – with the purpose of tricking them into disclosing personal information, which is then used to access their accounts and perform various types of fraud.


This often involves creating fake websites and addresses very similar to those of the original institution to gain the target’s trust. To discourage victims from double-checking the legitimacy of these sources, cybercriminals usually resort to emergency communications: they might tell you that your bank account will be closed soon if you do not act quickly, or that you risk losing – or gaining, for all that matters – huge sums of money if your response is time-sensitive.


Once victims give away their private credentials by following links or clicking on malicious attachments, the fraud becomes evident; unfortunately, there is little they can do at this point, since criminals are free to use those credentials to enter their personal accounts, usually causing critical financial losses very challenging to recover.






Vishing could be seen as the next-gen phishing scam, and its dangerousness lies precisely in the fact that it is new and less known to most internet users.


In short, vishing takes advantage of the most advanced software available to scammers to call victims directly on their phone, once again impersonating legitimate institutions such as banks, and employing fake registered messages that inform the target their account is at risk of being compromised for whatever reason.


Then, victims are redirected to malicious toll-free numbers.

At this point, they will be required to insert their private credentials to recover their accounts: once they do that, scammers are ready to enter those accounts themselves, or even create new accounts on the victim’s name.


Vishing is especially tricky because fraudsters manage to trick the phone’s caller ID system using illegal software, showing up on your phone screen with the name of the institution they want to impersonate.


Pairing this up with the fact that phone calls are usually the preferred way of contacting users by legitimate financial institutions, spotting a vishing scam before it is too late can be extremely difficult if you are not properly informed.





Lastly, pharming represents one of the most advanced and concerning identity impersonation scams on the web. It is nearly impossible to notice and can deal a heavy blow to your financial health without you even realising what’s going on.


Using malware and viruses, cybercriminals can manage to hijack your browser; once the browser is compromised, when you type in internet addresses to enter the website of your bank or other institutions, you will be automatically redirected to a fake site, identical in almost every aspect to the one you were searching for.


Sadly, typing passwords and other kinds of relevant information while navigating this forged website will give unrestricted access of your accounts to fraudsters, who will be free to enter the real website and empty your bank accounts in a matter of hours, at best.


Pharming is still a relatively new practice in the world of identity impersonation frauds and, as of now, it is almost impossible to notice when your browser is being targeted.






Best Practices to Avoid Being Targeted


Having reviewed such fearsome and menacing identity frauds, you might feel powerless against the threat cybercrime can pose to your financial well-being.

Yet, there are some preventive measures and red flags to look out for which, when timely spotted, can save you from becoming the next victim of these fraudulent schemes – saving you a ton of money.




Is this Email Legit?


When receiving an email that could potentially turn out to be a scam, there are certain features you need to check to clear all doubts and avoid threats.


First, look at the provenance of the message.


Is it coming from an unusual email address or domain?

Do you know the sender personally?

Do you have any actual business relationship with the institutions mentioned in the mail? If yes, is it the usual way they contact you?


Then, be suspicious of any links or attachments within the mail.


Is the hyperlink unusually long?

Does the presence of the attachment make sense to you or is it in a file type you do not recognise?

If the sender is insisting that you click on hyperlinks or attachments - conveying a strong sense of urgency - the utmost caution is needed.


Other huge red flags are spelling and grammar errors in the body of the email, and unusual sending hours (in the middle of the night or extremely early in the morning, for instance).




Learn the Power of a Good Password


As trivial as it may seem, strong passwords are often crucial in ensuring that your safety and privacy online are respected.


Using several, complex passwords for your accounts, and remembering to change them from time to time, can make a huge difference in the struggle against identity fraud.


Remember: long passwords employing capital letters, numbers and special characters are always to be preferred. Also, do not use any parts of your personal information to create the password, even if it makes it easier to remember – it’s always best to write them down somewhere safe if you have memory issues.




Two Factor Authentication Is Effective


Two factor authentication is a service now offered by almost any institution in the world, and for good reasons.


By adding an extra verification step to enter your account, such as linking it to your phone number or selecting a security question you and only you know how to answer, this method can turn out to be extremely useful in protecting you from cybercriminals.





Be always In Control with Title Guardian


Identity theft is a threat that can have tremendous consequences on your financial health, and, in some cases, it may evolve into even more dangerous types of fraud, such as title fraud.


To help mitigate these risks and offer you a way to effortlessly monitor any suspicious activities around your properties, Title Guardian developed a set of digital monitoring tools able to stop fraudsters on their tracks.


You just need to register your properties on our system, verifying your identity first, to start being aware 24/7 of any potentially suspicious developments.


Whenever a potential threat is identified, Title Guardian will send an instant notification to your profile, either on your mail or directly on your phone through our dedicated mobile app.

Doing so, you will be ready to implement the preventive measures required before any actual damage is dealt to your ownership rights – and private information.