How organizations and individuals can defend against would-be identity thieves TechRadar Skip to main content TechRadar is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Here's why you can trust us. How organizations and individuals can defend against would-be identity thieves By Bryan M Wolfe, Ricky Magalhaes last updated 24 June 2022 Shielding against identity theft in a post-pandemic world (Image credit: Shutterstock / Sapann Design) Audio player loading… It's a buyer's market for criminals with an eye for identity theft (opens in new tab). Thanks to workforces everywhere still being scattered post-COVID, employees are more vulnerable than ever to social engineering tactics. Additionally, once protected by robust on-premise security and corporate networks, sensitive data is now accessible via unsecured home environments. What's more, organizations across the globe are scrambling to digitize their processes, regulators have yet to enforce remote security procedures, and our most valuable data can now be accessed via easily penetrable devices on a basic home network. It's more important than ever that IT teams ensure their remote workforce is educated and enabled to deal with increasingly sophisticated criminal attempts. Before delving into how to protect against identity theft, it's important to understand the two core avenues criminals utilize. (opens in new tab) A Techradar Choice for Best Identity Theft Protection (opens in new tab) Aura is an excellent choice thanks to its user friendly interface, antivirus service and detailed reporting dashboard. Save up to 50% (opens in new tab) with a special Techradar discount. View Deal (opens in new tab)Here's our list of the best secure router (opens in new tab) on the marketCheck out our list of the best VPN services (opens in new tab) on the marketWe've built a list of the best encrypted messaging (opens in new tab) services around Social engineering Intruders looking to perform identity theft first undergo what can often be a lengthy process of social engineering. This means stealing minor information specific to the user they are targeting and using it, alongside intimidation tactics, to blend some truth into a narrative with the user, such as requests from a bank or trusted brand asking for verification or even answers to security questions. Once the victim divulges this information, the attacker can use it to seize total control of the user's online identity and wreak havoc throughout the enterprise network. Home network devices With most, if not all, of the average workforce now being based at home, cybercriminals can bypass the more robust security of the physical office perimeter and find a way in through a less secure device sitting on the same home network as a company laptop (opens in new tab) or tablet (opens in new tab). This is particularly concerning for banks and other financial organizations housing lucrative data. Once an attacker breaks into the network, they can move laterally throughout the network and do what they do best. With these routes to identity theft acknowledged, it's up to IT teams to create strict procedures that enforce the best possible defense and ensure users accessing the network are equipped to correctly identify and mitigate threat attacks in the case that these defenses don't work. As always, the first and most effective thing IT leaders can do is create an atmosphere of caution amongst their colleagues. This means adopting a 'zero trust' approach to business communications - digital or otherwise. If users aren't expecting an email asking for specific information, they should phone the sender to verify the request. That goes for any communication - if there is a second way of authenticating the person at the other end of the email or phone, it must become second nature. It is an extremely simple method, but it's also the most effective. It's awareness like this, almost common sense, that is often lost as businesses scramble to digitize themselves. Despite all of the security solutions available, humans still play a pivotal role in defending or failing an organization. Attackers will remember this, but organizations often forget. Another vital tool in any defense is multi-factor authentication. By requiring more than one set of data from a user looking to access sensitive files or networks, the chance of a successful breach due to identity theft is immediately reduced. So, if your online identity is stolen, multi-factor authentication acts as a final safety net. If you can't identify somebody, you can't authenticate them. If you can't authenticate them, you can't provide the correct actor privilege level - which is how these compromises typically occur. Network segregation is a reliable way to prevent criminals from accessing and laterally moving through an enterprise network, having accessed it through a weak security point at a user's home. By providing remote workers with a separate network dedicated entirely to their workloads, IT leaders can remove these new security blind spots - in the form of the connected home - and close one of the prime avenues used by those attempting identity theft. Stay vigilant Identity theft attempts and remote working practices are here to stay, though the idea of total protection is gone. Nobody can fully protect, and so we must instead focus on defending for the inevitable. Beyond the above actionable tips for combating identity theft, IT teams and their organizations must embrace a larger sense of vigilance, awareness, and consistency when composing themselves and interacting with others online.We've also highlighted the best password manager (opens in new tab) Bryan M WolfeBryan M. Wolfe is a staff writer at TechRadar, iMore, and wherever Future can use him. Though his passion is Apple-based products, he doesn't have a problem using Windows and Android. Bryan's a single father of a 15-year-old daughter and a puppy, Isabelle. Thanks for reading! See more Computing news Are you a pro? Subscribe to our newsletter Sign up to theTechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Thank you for signing up to TechRadar. You will receive a verification email shortly. There was a problem. Please refresh the page and try again. MOST POPULARMOST SHARED1The iPhone 14 Pro is made of the wrong stuff; the Pixel 7 proves that to me2Stop saying Mario doesn't have an accent in The Super Mario Bros. Movie3Google Pixel Tablet is what Apple should've done ages ago4RTX 4090 too expensive? Nvidia resurrects another old favorite5More than one million credit card details leaked online1The iPhone 14 Pro is made of the wrong stuff; the Pixel 7 proves that to me2iPhone 15 tipped to come with an upgraded 5G chip3If this feature succeeds for Modern Warfare 2, Microsoft can't ignore it4Apple October launches: the new devices we might see this month5The Rings of Power episode 8 trailer feels like one big Sauron misdirect Technology Magazines (opens in new tab)● (opens in new tab)The best tech tutorials and in-depth reviewsFrom$12.99 (opens in new tab)View (opens in new tab)