How does it usually start?

Phishing, data breaches, malware, or physical document theft provide enough PII for criminals to impersonate victims.

Strong ID proofing at signup, phishing-resistant MFA, and anomaly detection on devices, IPs, and behavior. Fast incident response limits damages.

What should victims do?

Report to the institution and authorities, freeze credit, rotate credentials, and monitor statements; institutions should assist and investigate promptly.

← Back to Glossary

Identity Theft

Overview

Identity theft occurs when someone unlawfully uses another person’s personal information to open accounts, conduct transactions, or obtain benefits. In financial services, it drives new-account fraud, account takeover, and application fraud. Controls include robust identity proofing, behavioral analytics, velocity limits, and step-up authentication for anomalies. Post-incident processes matter: rapid credential revocation, session killing, and dispute handling reduce harm. Education helps customers spot phishing, vishing, and malware that harvest credentials or documents. For compliance, institutions must document prevention measures, respond to victims fairly, and file SARs when patterns suggest organized crime. Data minimization and strong authentication (e.g., passkeys) shrink the attack surface.

Stay ahead of risk with Signzy

Explore tools that help you onboard, monitor, and verify with confidence

Transaction Monitoring

Real-time transaction monitoring and analysis to identify suspicious activities and ensure regulatory compliance across all financial operations.

Biometric Verification

Authenticate users securely using facial, fingerprint, or liveness biometrics powered by AI. Prevent identity spoofing and stay compliant.

Database Verification

Verify user information instantly by connecting to trusted databases across jurisdictions. Ensure accuracy, compliance, and faster onboarding with real-time data checks.