Grand Duchy of Luxembourg
Advice & Guidance
I suspect someone is using my mailbox

SOS – Online Identity Theft

In Brief

Online identity theft can come as a result of the theft or loss of data. Identities are used for the unauthorised acquisition of knowledge, sending spam, the distribution of malware or for other harmful purposes. It is, therefore, important to counteract this theft as quickly as possible to limit the damage.

Generally speaking, identity theft arises from the theft of the victim’s authentication data.

How did this theft happen?

To defend yourself against identity theft, it is important to find out how your authentication data was lost:

  • a computer that was being used was infected with malware, which sent your identification data to the attacker;
  • you were a victim of phishing;
  • someone guessed your password;
  • the online application you were using is compromised;
  • you authenticated yourself on a potentially hostile network (open Wi-Fi, for example) without using encrypted communications.

However, there are also ways to steal someone’s identity temporarily without stealing the authentication data:

  • you authenticated yourself on a public computer and you forgot to log out;
  • your session was stolen on a potentially hostile network (you did not use encryption);

Measures to take

  • If you still have access to your account, change your password immediately, observing best practices, on a trustworthy computer (a computer which is not infected).
  • If you no longer have access to your account, contact the administrators of the application you used. Most online applications offer a service for the retrieval of stolen accounts.
  • Do not use computers that do not belong to you and follow best practices concerning malware.
  • Make sure you check that the website on which you enter your login information is properly secure, with ‘https’.