Home Security Heroes independently tests and reviews every product. We may earn a commission when you buy through our links. Read more here.
I have had my identity compromised. It sucks. And while I shudder to think about what the thief did with the stolen information, it has forced me to develop good online security practices and get the best identity protection services.
Identity theft cases are rising globally, especially in the United States.
The US Federal Trade Commission received nearly 1.4 million identity theft fraud reports in 2021. Apparently, this was fuelled by uncertainty over COVID-19.
But while COVID contributed to this surge, there have been countless identity theft cases long before the pandemic.
In fact, the earliest identity theft case can be traced back to 1548, when an imposter took over Martin Guerre’s identity and lived as him until the real Martin returned.
If you fancy a bit of biblical story, then the first reported identity theft could well be between Jacob and Esau.
But we’re not about to go that far.
Many identity theft cases in recent years are enough to blow you away.
I will try to cover as many cases as possible and the lessons you should learn.
Hopefully, these events will highlight how far a scammer can go to steal your identity. And the terrible consequences that you might suffer – like financial loss, prison, or even death.
I’ll tell you what I do to protect against these scammers at the end of this article
In the meanwhile, if you are looking for the best way to protect your identity online – you need to lock in our OFF discount on Aura for life, today!
Famous Identity Thefts Cases
1. The Tinder Swindler
There’s a good chance you’ve seen the Netflix documentary, The Tinder Swindler.
If you haven’t, it’s a true crime documentary about an audacious scammer, Shimon Hayut, who posed as a wealthy businessman on Tinder.
Hayut tricked unsuspecting women with his supposedly lavish lifestyle and built fake relationships with them.
After gaining their trust, he would then tell his victims that business rivals were after his life and ask for their credit cards and loans.
Of course, he didn’t pay back. They never do.
As a result, many of Hayut’s victims are now burdened with crippling debt because he maxed out their credit cards.
According to The Times of Israel, he defrauded his victims of $10 million in two years.
Lessons You Should Learn
The Tinder Swindler is a classic example of a romance scam.
It’s a type of scam where scammers use love and romance to gain a victim’s trust.
When you finally find your dream match, they ask for money, gifts, or favors.
Unlike Simon Hayut, not all romance scammers will pose as wealthy people. While you’ll likely find sugar daddies and mommies, the core of this scam is building a romantic relationship with you online.
Anyone can fall victim to a romance scam – whether young or old. And the estimated 73,000 romance scam victims of 2022 alone will tell you that, too.
These Americans lost over $1 billion because they thought they found their knight in shining armor or their queen.
Romance scammers move fast. They’ll often declare their love quickly and make you do the same. Once they build a rapport, they start conjuring up different sob stories – their daughter has cancer, or a loved one needs emergency care.
It could also be the promise of an investment with a guaranteed ROI.
Don’t fall for it.
As a rule of thumb, never give money to someone you have only ever met online.
2. Phillip Cummings Stole 33,000 Credit Reports Which Cost Victims Between $50-100 Million
At the time it happened, Philip Cumming was responsible for the largest identity theft case in US history.
Cummings worked as a help desk for a software company in Long Island. After quitting, he took a spreadsheet containing customer login credentials.
Between 2001 and 2002, he sold customers’ credit reports to scammers for around $30 each.
The criminals he sold the sensitive information to netted between $50 to $100 million from roughly 33,000 customers.
Cummings pleaded guilty and was sentenced to 14 years imprisonment in 2005.
Although he claimed he didn’t know the con artists would take that much money, the judge said he caused “almost unimaginable” damage.
This scam is an example of a data breach.
A data breach is when criminals assess a company’s database and steal sensitive information.
Since Cummings’ scam, data breaches are now happening at an unprecedented rate – almost every 11 seconds.
To protect yourself, make sure you limit the amount of sensitive information you give companies and services you sign up for.
Protect your banking information, credit file, and social security number (SSN).
You should also review credit card transactions and bank statements regularly. Each credit bureau, Experian, Equifax, and TransUnion, provides a free annual credit report.
Scammers might initiate small transactions to see if you’ll notice. If you or your financial institution don’t flag them, they’ll make more expensive purchases.
3. Nicole McCabe Was Framed for Assassination
When most people think about the worst that could happen from an identity theft case, it’s usually financial loss.
But not always.
A con artist with your identity can do absolutely anything they want.
It just so happens that most scammers WANT money.
However, what happens when the scammer doesn’t need money?
Nicole McCabe knows a thing or two about this.
In 2010, Australian Nicole McCabe’s identity was allegedly stolen by the Israeli Intelligence Agency, Mossad, and used to assassinate Mahmoud Al-Mabhouh, a Hamas leader, in Dubai.
Imagine being framed for murder. How did it happen?
Her passport had been reportedly compromised.
McCabe was in her car when she heard the assassination news on the radio. And to her surprise, her name was also listed among the suspects.
Apparently, the assassination squad stole her identity along with two other Australians – Adam Korman and Joshua Bruce – to commit the crime. Many other people from the UK, France, Germany, and Ireland had their identities used.
McCabe was lucky because the identity theft was quickly reported, and the issue was resolved.
But not everyone will get off easily.
Her case demonstrates why you must keep sensitive documents, such as bank statements, medical reports, and passports, safe.
If these documents get into the wrong hands, they could be used to perpetuate terrible crimes.
And if you don’t have McCabe’s luck, you’ll find yourself in prison – or worse, on death row.
You can keep confidential materials in a safe or even in the bank.
4. Abraham Abdallah – the Crooked Robinhood
We all know the story of Robinhood. He stole from the rich and gave it to the poor.
Abraham Abdallah targeted the rich, but unlike Robinhood, he didn’t give to the less fortunate.
The con man gained access to the brokerage accounts and credit card numbers for up to six months. He used cell phones, faxes, and delivery services.
With his scheme, Abdallah accessed up to 217 accounts, including those belonging to Warren Buffet, Steven Spielberg, and Oprah Winfrey.
Fortunately, he was caught before all the illegal transactions could be completed – an amount totaling over $22 million.
After admitting to identity theft, wire fraud, and credit card fraud, Abdallah reportedly served 11 years in prison.
Perhaps the biggest lesson with Abdallah’s case is that cyber-criminals can target absolutely anybody. Regardless of social status or wealth, these con artists can and will use your identity to commit crimes if you’re not careful.
Abdallah’s credit card fraud was one of the earliest cases in the digital age.
Since then, scammers have become more creative and now have access to sophisticated technology.
This has made it all the easier to complete scams.
Like in the case of Cummings, it’s important to protect your credit file and other personally identifiable information.
When signing up for an organization that requests your sensitive information, ensure you ask how your documents will be used and who has access to them.
The next case will highlight how cyber-criminals have become highly sophisticated.
5. Amar Singh and His Wife, Neha Punjani-Singh
Amar Singh and his wife Neha Punjani-Singh entered a guilty plea in a $13 million scam.
They stole credit card numbers from victims and sold the information to buyers of fake cards, who then used it to make purchases worldwide.
The shoppers allegedly rented private jets, high-end cars, and five-star hotels using fake credit cards. When customers swiped their cards at retail or dining establishments, the attackers (Singh) used a skimming device to steal their personal information.
Singh received a sentence of less than 12 years in prison.
According to the FTC, credit card frauds top the list of identity theft cases.
If you don’t want to be like Cummings’ or Singh’s thousands of victims, the best thing to do is freeze your credit.
No one can request or see your credit report. So, no one can open an account, apply for a loan, or get a new credit card while it’s frozen.
This service is free, it won’t impact your credit score, and you can temporarily lift the credit freeze whenever you want.
Other safety precautions include requesting annual credit reports, collecting physical mail daily, and reviewing bank statements and credit card transactions.
6. Senita Dill and Ronald Knowles SSN Fraud
Senita Birt Dill and Ronald Jeremy Knowles illegally acquired names, dates of birth, and Social Security numbers from 2009 to 2012.
They submitted over 1,000 false tax returns and received fraudulent tax refunds totaling more than $3.5 million.
Dill and Knowles filed and turned in false federal and state tax returns using tax preparation software.
The information on those filed returns was fake, including the amount of federal tax withheld and the income.
Afterward, they deposit their IRS refund check into a personal account.
The criminals were given prison terms of 324 and 70 months, respectively, and were required to pay the IRS $3,978,211 in restitution.
Dill and Knowles’ scam highlights the importance of protecting your social security number (SSN).
A hacker with your personal information like name and address can use your SSN, especially the last four digits to steal your money, open accounts in your name, and apply for government benefits.
They might even get tax or healthcare refunds in your name.
Never reveal your SSN in emails, phone calls, or text messages.
A criminal with your SSN can use it to access other personally identifiable information.
It’s also important to educate your children on why they shouldn’t reveal sensitive information to people on social media.
Children and seniors are more prone to identity theft frauds, especially those perpetrated by supposed friends or lovers.
Protect your social number as best as you can.
7. Russian Hackers Send Phishing Email to an American Politician
Some people find out they’ve been a victim of identity theft just right before college.
Others find out during a presidential election.
John Podesta fell for a classic email phishing scam while he was the chairman of Hilary Clinton’s presidential campaign.
Russian hackers posed as Google and emailed Podesta to change his password due to an “unusual activity.”
However, the link redirected to a malicious website where the hackers accessed his email account.
Once they broke in, the hackers released thousands of secret and reputation-damaging emails.
Right in the middle of a presidential election.
Lessons to Learn
Although most people will spot a phishing scam easily, cybercriminals have become increasingly creative.
This type of scam is called spear phishing.
In this kind of cyberattack, the perpetrators gather information about their target and create a scheme they are likelier to fall for.
Spear phishing can also target a group of people, such as seniors of age 60 and above. For example, these people are more likely to have medical issues and be confused about Medicaid and other healthcare programs.
In Podesta’s case, the hackers knew he would be nervous about a potential cyber-attack before the election. So, they preyed on his fears to gain access to his account.
Here’s how to identify and protect yourself from phishing scams:
- When the email is from an unexpected domain, e.g., Google-service or Google-support.com instead of Google.com.
- Don’t respond to emails where the sender’s name differs from the email address.
- Phishing emails usually try to strike fear into you to create urgency and get you to respond quickly.
- There could be spelling and grammatical errors.
- If the email claims to be from the IRS or other government agencies. The IRS does not use text messages, social media, or emails to discuss tax debts or refunds.
- Don’t respond to emails with scrambled links or unknown attachments.
Ensure you, your kids, and older adults understand how frequent phishing emails are and protect yourselves against these attacks.
8. The EminiFX Cryptocurrency Ponzi Scheme
They say cryptocurrency is the new gold.
But the victims of EminiFX will wish they didn’t believe the company’s CEO, Eddy Alexandre.
According to the FBI, Alexandre used his crypto ponzi scheme to dupe unsuspecting victims up to $59 million.
EminiFX promised investors a “guaranteed” 5% to 9.99% weekly return.
They jumped on it. And Alexandre eventually received almost sixty million dollars.
In reality, most of their money was never invested. Instead, Alexandre took at least $14.7 million into his personal account and bought a BMW with another $168,000.
He pleaded guilty in February 2023, agreeing to forfeit over $248 million. He currently faces up to 10 years in prison.
Cryptocurrencies lack regulation, which explains why scammers like using them.
They will likely create FOMO (fear of missing out) by promising enormous returns. Then, they steal the money that people “invest” or pay out earlier investors, which keeps the scam going.
But only for some time.
The more they pay earlier investors, the more people believe it could be real and keep reinvesting. Once they’ve got enough, they’ll run.
Investment schemes often come with an unbelievable guaranteed return – which is why you shouldn’t believe it.
If it is too good to be true, it probably is.
9. Kenneth Gibson – the Man Who Stole 8,000 Identities
Kenneth Gibson was an IT professional for a software bigwig from 2012 to 2017.
And like Cummings, he had access to the private information of thousands of people, including clients and fellow employees.
Unfortunately, he took advantage of this privilege.
Gibson built a computer software that would automatically create fake PayPal accounts in people’s names using information from the company’s database.
Then, he would use the stolen identities to apply for new credit accounts linked to the fake accounts he created.
Gibson eventually succeeded in creating over 8,000 accounts.
He would only transfer small amounts of money, take cash advances from the credit line, and use his debit card to access the cash.
This helped him continue the scam until he netted around $3.5 million from his victims.
Kenneth Gibson’s scam demonstrates why you must monitor your credit card transactions.
As I mentioned earlier, many scammers will test the waters with a small transaction before making an expensive one.
In Gibson’s case, he didn’t need to make a bigger purchase because he had thousands of accounts to steal from.
His scheme might have still been running till today had he not become careless.
Gibson would usually get cash from an ATM. However, he requested a check from PayPal and one occasion.
The name on one of the checks matched a victim’s name, which gave him away.
He was given a 4-year prison sentence in 2018, had to pay $1 million as compensation, and sold his assets to repay the amount he stole from his victims.
If you didn’t initiate a transaction, report it immediately, no matter how small.
10. SIM Swapping Scam on Jacy Erin
In Jacy Erin’s case, hackers broke into her mother’s email account, stealing sensitive information. This included her phone number and credit card information.
Then, they contacted her phone number to reroute all incoming calls to Erin and her parents to their phones.
Erin found out early and changed her family’s phone service.
But the deed had been done.
A few days later, Erin’s father learned that the scammers had used his credit card to spend almost $40,000.
Of course, the credit card company suspected foul play due to the odd purchase.
But due to the earlier phone service rerouting, the calls went directly to the fraudsters.
In a SIM swapping scam, a scammer contacts your mobile phone provider and pretends to be you to get them to activate a new SIM card.
This means the fraudster now has a SIM card with your personal information, enabling them to receive your calls or texts.
Unfortunately, this lets them bypass security fraud alerts and two-factor authentication.
To prevent a SIM swapping scam, call your service provider to lock your phone number or SIM to your account.
You’ll typically need to create a secure PIN which only you know.
This means any scammer that wants to “port” your number to a new phone must enter the PIN you’ve created.
Chances are that the scammers will not know this information.
Although unfortunate, Erin’s case demonstrates how scammers can use one weak link in the family to exploit other family members.
This is why it’s essential to protect your children from identity theft. They are the most vulnerable demographic to ID theft.
Once there is a fraud attempt on any family member, or someone close to you who has been a victim, take urgent measures to secure your account.
11. Nakeisha Hall – the IRS Staff
Many identity theft cases involve the IRS.
For example, a scammer calls pretending to be from the IRS and talks to you about tax refunds, etc.
However, what if the scammer actually works for the IRS?
In 2016, Nakeisha Hall pleaded guilty to using taxpayer information to defraud hundreds of victims of $1 million.
Hall was given a nine-year, two months sentence and was required to pay the IRS $438,187 in restitution.
Hall worked in several IRS offices from 2000 to 2011. The IRS Taxpayer Advocate Service in Birmingham, Alabama, was one of them.
The department was created to help taxpayers who had become identity theft victims.
Since the ID theft came from IRS staff, this is quite tricky.
However, many victims would have avoided this scam if their credit files had been frozen.
You can freeze your credit when not in use and unfreeze it temporarily whenever you want.
This case also demonstrates why you shouldn’t trust anyone – even IRS staff.
It’s important to do your due diligence and beware of contacts that request your personal information.
12. Turhan Lemont Armstrong and the Real Estate Fraud
Real estate is one of the most profitable places to invest in. That’s why scammers use it to entice unsuspecting victims.
Turhan Lemont Armstrong was at the heart of a long-running credit card, loan, and real estate scheme that saw him net $3.3 million using stolen identities, especially children’s.
Armstrong was charged with 51 counts and found guilty on all.
One peculiar thing about this scam is that it targeted the SSNs of children who had left the country.
That’s because these people were more unlikely to monitor their credit reports.
He used these stolen identities and SSNs to open bank accounts, obtain credit cards, apply for loans, set up shell companies, and buy homes and cars.
Armstrong was sentenced to 21 years in federal prison and ordered to pay $3,305,609 in restitution.
This case demonstrates the importance of protecting your children from identity theft.
Around 1 in 50 children become identity theft victims annually.
Scammers can use your child’s credit to stack up debts. And when it’s time to pay for college, you’ll be stuck with unpaid debts.
Here are some steps to protect your child from identity theft:
- Freeze their credit file, especially kids who don’t need it yet. Your child can reverse the credit freeze when they’re grown.
- Always check your child’s credit report. This is especially important if you’ve not opened a credit file for your child, but they already have one. Use AnnualCreditReports.com to request a free copy.
- Teach your child to be safe online and not reveal sensitive information like SSN, address, or phone numbers to anyone.
- Wipe your kids’ old devices before giving them away.
- Create secure passwords for your children, including 2FA.
- If you receive bills and credit offers in the mail or messages from the IRS addressed to your child, report identity theft immediately.
13. How David Matthew Read Impersonated Demi Moore and Spent Over $169,000
In 2018, David Matthew Read impersonated Hollywood actress Demi Moore.
The 35-year-old con artist reported that her no-limit American Express card had been stolen.
Read had found Moore’s SSN and other personal details online.
Armed with this sensitive information, he intercepted the new card at a FedEx facility pretending to be Moore’s personal assistant.
A 25-day shopping spree followed. And this saw Read spend over $169,000 in luxury stores.
Read wasn’t going to enjoy the money for long as the FBI identified him and another accomplice from surveillance footage of them using the card to make purchases.
The scammer was sentenced to 70 months for his identity theft scheme, including three years of supervised probation and full restitution.
14. Luis Flores Impersonated Kim Kardashian
It seems there is no end to people stealing celebrities’ identities.
But 19-year-old Luis Flores Jr. took it to the next level when he called American Express and claimed to be Kim Kardashian.
He tried to change her SSN and address to his own so that he could receive new cards.
As expected, the credit card company got suspicious and reported Flores and his mom to the Secret Service.
Apparently, Kim Kardashian was the least of his targets.
Investigators found a flash drive containing the private data of Bill Gates, Michelle Obama, Beyonce, and even Paris Hilton!
The drive had their SSN, personal details, and credit card accounts.
But that’s not all.
Flores was also linked to identity theft cases involving fraud against Stacia Hylton, the US Marshals Service Director at the time, and Robert Mueller, a former FBI director.
You’ve got to have some nerve to steal the identity of an FBI director.
He and his mother ordered replacement cards using the personal information and changed the victims’ addresses and phone numbers on their accounts. Then, they made numerous wireless transfers from the targeted accounts to their own.
The internet has made it super easy for people to put out personal information online.
Don’t be that person.
Read found Moore’s personal info online.
It’s important to keep details like your SSN, banking statements, credit card information, passports, birth certificates, etc., from social media.
Flores and his mom also compiled the personal data of multiple people to exploit them.
While their targets were mostly celebrities, scammers can easily defraud a regular person who puts their personal information online.
15. The Fake Hostage Phone Call
An Indiana woman received a fake hostage call from scammers who said they had her mother and would kill her.
The victim received what appeared to be a call from a scammer telling her they had a gun to her mother’s head and would shoot if she didn’t send $1,500 to their Venmo.
She could hear a woman screaming in the background, so she was unsure.
The victim was terrified and sent the money immediately.
After the call, she phoned her mom immediately.
You guessed right – her mom was perfectly fine.
Lessons to Learn
This type of scam is called a hostage scam.
The scammer typically “spoofs” their phone number, making it look like the call was from the victim’s number.
Fraudsters can gather information from your social media and online footprint to know if you’re a possible target.
Another example of this scam is called the grandparent scam. This is when a fraudster calls a senior and pretends to be their grandchild who needs urgent financial help.
The fraudster may also claim that they’re calling on behalf of the grandchild.
For example, an elderly woman in Ohio was scammed of $20,000 in 2019 when the scammer pretended to be law enforcement.
The fraudster said her grandson was under arrest and needed bond money to be released.
To avoid virtual kidnapping schemes, ensure you:
- Never make your dates, travel plans, or locations public.
- Have a secret code with your loved ones that they can use when they’re really in trouble.
- If you’re in doubt, hang up and call the number back.
- Keep the scammer on the phone while you try texting or calling the person supposedly in trouble.
How to Protect Yourself from Identity Theft Scams
The identity theft cases above are crazy. They also prove that identity theft can happen to anyone, from children to celebrities.
I know that I can never completely eliminate the risk of id theft, but I do my best to steer clear. My strategy involves two steps:
- Practice good hygiene
- Continually monitor
Here’s my 7-step process for practicing good online hygiene
- Use a password manager and make sure I have unique passwords for all my accounts
- Use 2-factor authentication on my email and financial accounts
- Monitor my credit on a monthly basis – I also freeze my credit with the bureaus
- Use a good VPN like NordVPN or ProtonVPN
- Use a good antivirus software like MalwareBytes
- Use a service like haveibeenpwned.com to search the web for data breaches I have been affected by
- Regularly scan my credit reports and public records to see if any unauthorized accounts have been opened in my name
In addition to this, I also use a good identity theft protection service like Aura, which constantly monitors my credit, public records as well as the dark web and notifies me immediately of any breaches I have been affected by.
I find Aura’s constant monitoring and theft insurance, together with my online hygiene checklist, help me sleep well at night.
You can read my Aura review here or how it is compared to other brand: Aura and LifeLock Head-to-Head
Get Aura Identity Protection If:
- You want the best identity theft protection service for your family
- You have assets worth protecting
- You like the peace of mind that Aura offers
- Up to $5M theft insurance
- Best in class credit and dark web monitoring
- White-glove threat resolution
- 24/7/365 Expert Customer Service
These identity theft cases show how far scammers are willing to go to steal your identity.
It also demonstrates how creative these fraudsters are getting and the sophisticated tech they use.
The best way to protect yourself and your family from being an identity theft victim is to keep sensitive information private.
Learn to identify phishing and social engineering tactics, and always monitor your credit file, transactions, and banking statements.
Related: What does LifeLock do?
If you have kids and older adults, they are the likeliest to be victims. Educate them on the importance of being safe online and help them create secure passwords with 2FA.
Don’t forget to use strong antivirus software such as Norton, McAfee, and Proton.
Life can be fast-paced, so it might sometimes be difficult. That’s why you should consider identity theft protection services.
Some examples are Aura, Identity Guard, IdentityForce, LifeLock, IDShield, ID Watchdog, and IdentityIQ.
haveibeenpwned.com is another useful resource to find out if your sensitive data has been affected by a data breach.
Last Updated on