Google Offers Reminders on Preventing Identity Theft

Identity theft is again the top consumer complaint in the U.S, according to the FTC. Google wants to remind users how they can avoid becoming victims.

Google is reminding consumers that for the 13th year in a row, identity theft remains the top consumer complaint received by the U.S. Federal Trade Commission, comprising 18.9 percent of the 2 million complaints received in 2012.

And the answer to fighting identity theft, according to a Feb. 27 post on the Google Public Policy Blog, is that consumers and Internet users need to remain ever-vigilant about their online activities and their personal data security policies.

"Yesterday, the Federal Trade Commission released its annual list of the top categories of consumer complaints received by the agency," wrote Pablo Chavez, Google's director of its public policy arm. "Identity theft has real consequences for consumers. It enables fraudsters to open lines of credit, drain banking, savings, and retirement accounts, file false tax returns and falsify medical records. Victims often incur significant out-of-pocket expenses, spend considerable time trying to fix the problems created by the theft and experience emotional stress as they attempt to repair the damage to their lives."

The FTC report said that in 2012, some 369,132 complaints that it received involved identity theft, with about 43 percent of those cases involving tax- or wage-related fraud.

The rest of the top 10 list included consumer complaints about topics such as debt collection, banks and lenders, shop-at-home and catalog sales, prizes, sweepstakes and lotteries, imposter scams, Internet services, auto-related issues, telephone and mobile services, and credit cards, according to the FTC.

To fight identity theft online, Google turned SSL encryption on by default for Gmail users in 2010 to protect their messages from being snooped on by others, and Google has also extended SSL encryption to Google Search and Google Drive, according to Chavez's post. "In 2011, we made our two-step verification service available for all Google Accounts so users could add an extra layer of security and protection to their account."

Google maintains a Good to Know Website, where online consumers can learn more about staying protected in their digital lives online, according to Chavez.

"Keeping our users' information safe and secure is among our highest priorities at Google, and we are continuously adjusting our security practices as threats from identity thieves and account hijackers evolve," he wrote.

Chavez also listed some of the most important security steps that consumers can take to protect themselves and their identities online, including:

  • Making sure to use strong, unique passwords for each of their important online accounts. Those passwords should include varied combinations of upper- and lower-case letters as well as numbers and other characters.
  • Making sure that consumers keep their account recovery options up-to-date so that they can more easily regain control of their accounts if they are stolen or hijacked, or if there is some other kind of problem with their accounts.
  • Turning on the two-step verification protection for their Google Accounts so that identity theft and hijacking problems can be more easily prevented.

"We'll continue to work hard to protect our users and help make the Internet a safer place for everyone from threats like identity theft and online fraud," wrote Chavez. "And to keep identity theft from making the consumer complaint list for a fourteenth year in a row, we look forward to working with other companies, NGOs [non-governmental organizations], and the public sector on identifying emerging security threats and improving consumer education efforts."

Earlier in February, Google described some of the many steps the company is taking to bolster its Gmail defenses against hackers and spammers, including changes in its response tactics to keep up with changing attack methods.

Nowadays, instead of receiving cold-call spam messages from senders (which are routinely stopped by spam filters developed over the years), spammers have turned to hijacking old email accounts of people who users might have communicated with in the past. To hijack the accounts, they steal or illegally buy stolen user names and passwords and then use the accounts to send out their messages. Because recipients might recognize the names of the alleged senders, they might open the messages and their attached payloads, which can be harmful.

Google's specialized anti-spam tools can come into play in those cases today, requiring account holders to answer some simple questions that authenticate them as the real account holders.

Using security measures like these, Google said it has been able to cut the number of compromised accounts by 99.7 percent since the peak of these hijacking attempts in 2011.