Identity theft cyber crimes are evolving, according to Nationwide, and many people may have never heard of juice jacking, QR code scanning or form jacking, according to respondents of the latest Agency Forward survey conducted by the Ohio-based insurer.
Of those surveyed, 81 percent are concerned about the risk of identity theft and 82 percent are concerned about the use of artificial intelligence (AI) to steal someone’s identity.
Identity theft is now considered a part of modern day life, according to 74 percent of respondents, with 82 percent saying it would be difficult to recover.
“If you have ID theft coverage it will make your recovery process much easier and give you access to an entire team of resolution and cyber risk specialists,” said Beth Riczko, Nationwide’s president P&C Personal Lines.
Only 20 percent of those surveyed currently have ID theft insurance coverage in place.
Survey respondents were more familiar with phishing (73 percent), fake job/lottery/prize scam (66 percent), website impersonation + public Wi-Fi hacking (59 percent); and less familiar with form jacking (43 percent), QR code scam (38 percent) and juice jacking (35 percent).
Juice jacking, according to the Michigan Department of Attorney General, is a type of cyber attack where data is stolen from a smartphone, tablet or another electronic device while being charged at a public charging kiosk. This happens when hackers install and hide a skimming device inside the USB ports of the kiosk.
According to a January 2022 FBI alert, identity theft involving QR codes occurs when legitimate codes are replaced with malicious codes which then direct victims to a malicious site, prompting a request for login and financial information. “Malicious QR codes may contain embedded malware, allowing a criminal to gain access to the victim’s mobile device and steal the victim’s location as well as personal and financial information,” the alert stated.
When phones are plugged in to charge, the skimming device transfers data to or from the phone. It can install malware, lock the phone or steal personal data. It provides access to sensitive information such as passwords and other credentials, credit card and bank account numbers, and contacts.
Criminals will also intentionally leave charging cables at the kiosk or pass them out as a promotional gift. These cables may also be infected with malware that will download to the device when connected.
While recognizing the risk of identity theft, some still engage in unsafe habits.
Of those surveyed, 91 percent reported monitoring their financial accounts and securing Wi-Fi with strong passwords, and 88 percent are updating devices with security software.
While only 48 percent reported using a VPN on public Wi-Fi, 42 percent said they subscribe to an ID theft monitoring service and just 22 percent subscribe to a dark web monitoring service.
Even more concerning, 54 percent use the same password on multiple sites, 39 percent use QR codes to make purchases/view menus, and 37 percent share personal information over the phone.
A minority of respondents (20 percent) said they currently have ID theft insurance, and of those that don’t, 62 percent would be willing to spend up to $49 a month on ID protection.
For those who don’t yet have the coverage, 38 percent said they don’t know enough about it, 35 percent think it’s too expensive and 29 percent think they take enough precautions to reduce their risk of identity theft.
More than half of the respondents (52 percent) are also under the mistaken impression that separate policies are needed for each family member, while 48 percent think a lawyer must be hired when ID theft occurs.
“You can protect your digital identity for a lot less than you think — about $4 a month. Many people don’t even realize their home/auto insurer would provide this type of coverage — and the coverage has some really good features,” said Riczko.