Identity Theft Through Social Media

Written by Rafidah Abdul Aziz

We may have overlooked at the existence of Personal Data Protection Act 2010 (Act 709), which is aimed at protecting individuals’ personal information from falling into the hands of irresponsible parties, especially without permission, in the context of commercial transactions. Act 709 seeks to protect personal data from being misused by those who process, store or possess personal data of other individuals. Examples of personal data are names and addresses, identity card numbers, passport numbers, health information, e-mails, photos, images in CCTV, personal file information, bank account details and credit card details.


Image courtesy of Berita Harian.

Normally, these criminals obtain our personal information through third-party applications. Most social media sites have applications that request our permission to access to our social account information before we can install them. This is one way which allows hackers to steal our personal details and commit fraud. We may unconsciously share some of our personal details through our social media accounts, giving away information such as our full names, date of birth, pet names, hobbies, hometown, office and home addresses. The fraudsters can easily manipulate our personal details to do fraudulent activities. Every time we post updates of our activities on social media, we are putting ourselves at risk for identity theft. Updating our whereabouts may also attract burglars.

Everyone should be smart about what we post or update on our profiles. We can still enjoy engaging in social media sites without jeopardizing our personal details. Here are some tips to consider in avoiding crucial information from falling into the hands of criminals:

  • Be in control of the information we provide online. Never allow our personal information to be available to third-party applications.
  • Never provide our identity card (IC) numbers online.
  • Avoid giving out credit card details through third-party apps.
  • Consider changing a few details like date of birth (on social media).
  • Only invite or accept invitations from people we know. Avoid accepting strangers to our network.

Therefore, all of us must first assess the good and the bad before sharing personal data online so that the shared information will not bring any harm to our families, our friends and ourselves. Society should constantly take initiative to know and understand their rights as data owners before giving consent to other parties to access their personal information. Being cautious of how much information we share online, and how the information is used is the key to protect ourselves against fraud and identity theft.