Identity Theft & Identity Fraud

What is Identity Theft?

Identity theft refers to the preparatory stage of acquiring and collecting someone else’s personal information for criminal purposes. As of January 8, 2010, Senate Bill S-4 became law, making it illegal to possess another person’s identity information for criminal purposes.

What is Identity Fraud?

Identity fraud is the actual deceptive use of the identity information of another person (living or dead) in connection with various frauds (including for example personating another person and the misuse of debit card or credit card data).


  • Identity theft techniques can range from unsophisticated, such as dumpster diving and mail theft, to more elaborate schemes.
  • Technology, mainly the Internet, facilitates more elaborate schemes, such as skimming, phishing, and hacking as criminals gather profiles of potential victims. Computer spywares and viruses, designed to help thieves acquire personal information, are an emerging trend.
  • Victims of identity theft or fraud can experience financial loss and difficulty obtaining credit or restoring their “good name”.
  • The Canadian Anti-Fraud Centre (CAFC) maintains statistics on the complaints they receive.
  • In 2009, the CACF received identity fraud reports from 11,095 Canadian victims, totaling a loss of more than 10 million dollars. This represents an increase of more than 1 million dollars of what was reported in 2008. Payment card fraud was the most commonly reported incident, and yet, many instances of identity theft and fraud go unreported.

Information sought

Identity thieves are looking for the following information:

  • full name
  • date of birth
  • Social Insurance Numbers
  • full address
  • mother’s maiden name
  • username and password for online services
  • driver’s license number
  • personal identification numbers (PIN)
  • credit card information (numbers, expiry dates and the last three digits printed on the signature panel)
  • bank account numbers
  • signature
  • passport number

The new legislation on identity theft provides a complete list of identity documents.

The new section 402.1 of the Criminal Code lists the definition and examples of identity information.

What your information could be used for

Criminals can use your stolen or reproduced personal or financial information to:

  • access your bank accounts
  • open new bank accounts
  • transfer bank balances
  • apply for loans, credit cards and other goods and services
  • make purchases
  • hide their criminal activities
  • obtain passports or receive government benefits

Using identity theft to facilitate organized criminal and terrorist activities also appears to be a growing trend.

How can you find out if your identity was stolen

The best way to find out is to monitor your hard copy or on-line financial accounts frequently and to check your credit report regularly for any unusual activities. If you receive calls from collection agencies about unfamiliar accounts, or if you applied for credit and were unexpectedly turned down, you should investigate further.

Report it

If you suspect or know that you are a victim of identity theft or fraud, or if you unwittingly provided personal information or financial information:

  • Step 1 – Contact your local police force and file a report.
  • Step 2 – Contact your bank/financial institution and credit card company
  • Step 3 – Contact the two national credit bureaus and place a fraud alert on your credit reports.
  • Step 4 – Always report identity theft and fraud. Contact the Canadian Anti-Fraud Centre

Stop it

Prevention is the best way to deal with this crime:

  • Identity theft can occur over the Internet or telephone, or via fax or regular mail. Therefore, be particularly wary of unsolicited e-mails, telephone calls or mail attempting to extract personal or financial information from you.
  • Ask yourself if you really need all of the identity documents you carry in your wallet or purse. Remove any you don’t need and keep them in a secure place instead.
  • Periodically check your credit reports, bank and credit card statements and report any irregularities promptly to the relevant financial institution and to the credit bureaus.
  • During transactions, it’s safer to swipe your cards yourself than it is to allow a cashier to do it for you. If you must hand over your card, never lose sight of it.
  • Always shield your personal identification number when using an ATM or a PIN pad.
  • Memorize all personal identification numbers for payment cards and telephone calling cards. Never write them on the cards.
  • Familiarize yourself with billing cycles for your credit and debit cards.
  • Trash bins are a goldmine for identity thieves. Make sure you shred personal and financial documents before putting them in the garbage.
  • When you change your address, make sure you notify the post office and all relevant financial institutions (your bank and credit card companies).


Canada is #3 in Cyber Breaches

The importance of obtaining cyber insurance has again hit home, following the release of a report that found by mid-2018, Canada was the country with the third most cyber incidents in the world and ninth most exposed records.

Last month, Risk Based Security in Richmond, Va. reported data as of June 30 showing the United States had, by far, the most incidents per country at 1,074. United Kingdom was second with 62 and Canada third with 48 incidents.

Canada ranks 18th worldwide by gross domestic product and 38th worldwide by population, according to the CIA World Factbook.

Of the 48 breaches reported in Canada, a total of 12,551,574 records were exposed, with an average of 261,491 records exposed per breach.

That Canada had the third most cyber incidents in the world is not surprising considering Canada continues to be one of the most “wired” countries in the world, according to the Canadian Internet Registration Authority (CIRA). CIRA reported nearly 87% of Canadian households are connected to the Internet; Canada ranks 16th globally in terms of Internet penetration in 2013, up from 80% in 2010.

The country has seen several breaches recently. Air Canada reported in late August it detected “unusual login activity,” warning that 20,000 customers may have had their personal information improperly accessed due to a mobile app breach. In mid-May, Ontario’s Algonquin College had an incident involving “unauthorized and illegal access by hackers on one server infected with malware.” More than 4,500 students and alumni may have had information such as date of birth and home address exposed.

The healthcare and financial services sectors are typically at the top of the list in terms of industries affected by a breach. According to the Data Breach QuickView Report from Risk Based Security, globally, the finance and insurance sector saw the highest distribution of incidents (52 incidents, or 16.5%). This was followed by healthcare (62 incidents, or 14.7%) and public administration (92 incidents, or 12.5%).

Worldwide, 2,308 breaches were reported through June 30, exposing approximately 2.6 billion records.