10 Ways to Protect Staff From Identity Fraud

Preventing identity fraud involves staying one step ahead of fraudsters. Our identity is a valuable asset. Unfortunately, fraudsters are well aware of this.

Identity fraud is an action that often follows identity theft. Theft involves stealing a person's identity or personal information. Identity fraud goes a step further when the thief uses data without permission to commit fraud, often for monetary gain- for example to open an account, buy goods, or take out a loan.

Victims often don't even realise they've been targeted until they receive an invoice for something they didn't buy, have problems with their credit rating, or a letter from a debt collector arrives.

Key takeaways

• Identity fraud is when someone uses an individual’s personal data without permission to commit fraud, often for monetary gain.
• We recommend 10 ways to protect your staff from identity fraud, including mail redirection, not choosing obvious PINs and using strong passwords.
• Additional steps include checking privacy settings on social media, using anti-virus software, being careful when using public WiFi and considering Protective Registration.
• The final ways are not throwing documents away with personal details (unless you shred them), being cautious about giving personal info over the phone and reporting fraud.

How to protect your staff from identity fraud

1. Redirect your email
2. Don't use obvious pin numbers
3. Use strong passwords
4. Check your privacy settings
5. Use anti-virus software
6. Be careful when using public WiFi
7. Consider Protective Registration (PR)
8. Don't throw away anything with your details on it
9. Be cautious with giving details over the phone
10. Report fraud

According to figures released by the UK's leading Fraud Prevention Service, CIFAS, identity fraud accounts for 68% of all cases reported to the National Fraud Database (NFD). It is also one of the fastest-growing categories of fraud. In the first six months of 2025, more than 217,000 identity fraud cases were recorded – a record number.

Every age group has seen an increase in identity fraud, and there's been a 38% increase in the number of companies recorded as victims of impersonation.

So, how can you stay a step ahead of the fraudsters?

Top protection tips against identity fraud

1. Redirect your mail

The post contains valuable information for fraudsters. If you move house, redirect your mail. This will prevent your details from falling into the wrong hands.

Additionally, make sure your mailbox is secure. If you live in a communal area, ensure you have a lockable private post box.

2. Don't use obvious pin numbers

Using pin numbers that are easy to guess makes hacking a simple task. Stay away from codes such as 0000, 1234, 4321, or your date of birth - these are combinations fraudsters will try first.

3. Use strong and complex passwords

Choose three random words (e.g. dogmoonpurple) and break them up with numbers and characters (e.g. D0gm00npu4p!e), or better still, create a completely random string of letters, numbers and characters. Also, remember to avoid using the same password across all sites.

4. Check privacy settings on social media

Social media is brimming with personal information, and the percentage of fraudsters stealing identities through this medium is rapidly increasing. It is important to be careful with what you make public.

You can change your birth date, workplace and current location to private or only visible to friends in your social media settings. By doing this, you avoid giving strangers easy access to your personal information.

5. Use anti-virus software

Like most other computer users, you probably have documents on your local hard drive that contain personal information. Fraudsters often insert viruses in legitimate applications which you might download.

As a result, installing anti-virus and anti-malware software is important, as is keeping this software up to date. Download any updates as soon as they're available. They often contain security patches that help protect you against identity theft and fraud.

6. Take care using public WiFi

Public WiFi networks often lack strong security protections. This means they can be mimicked or hacked. Don't allow your WiFi to auto-connect to public networks, and turn your WiFi and Bluetooth off if you are not using them. If you have to use a public WiFi network, don't access sensitive apps from an unsecured hotspot, such as your online banking.

7. Consider taking out Protective Registration (PR)

If you've recently lost sensitive documents or a company has misplaced your data or it's been stolen, Protective Registration is an additional precaution to prevent fraud.

Even if you only suspect a fraudster has stolen your personal information, Protective Registration ensures any organisation using CIFAS is alerted that a fraudster might use your details. This prompts them to carry out additional check, helping ensure you are not a victim of identity fraud.

8. Don't throw away anything with your details on it

Before binning bills, bank statements or other documentation with your details, tear up or shred them. Don't leave anything containing your name, address or financial data in a visible place. Take care to guard your personal information as best as possible.

9. Be cautious with giving details over the phone

If you receive a call from your bank asking for your security details, never give them your password or login credentials. They would not ask for that information the phone. If you are concerned contact your bank from another phone to get clarity.

10. Report fraud

If you're a victim of identity fraud, report it to Action Fraud on 0300 123 2040.  Doing that can stop fraudsters in their tracks by allowing authorities to start working on your case.

Identity fraud: FAQs

How do people generally commit identity fraud?

Using methods such as phishing, social engineering, mail theft and skimming devices.

What are the consequences of identity theft for businesses?

Financial losses, regulatory fines, reputational damage and increased costs for fraud detection and prevention.

How can companies prevent identity fraud?

By using strong customer authentication (for example, multi-factor), fraud detection systems, encrypting sensitive data, conducting regular security audits and compliance checks, and educating employees.

Want to learn more about Fraud?

Our Essentials Library contains e-learning content designed to help organisations meet fundamental compliance requirements. If you are looking for focused training, our Fraud Prevention Protection and GDPR Training Package offers a complete solution for your compliance programme. Courses in the libraries include:

• Fraud Prevention Training Course
• Financial Crime Prevention Training Course
• Identity Crime Training Course
• Understanding Failure to Prevent Fraud (FTPF) Training Course
• Anti-Money Laundering & Counter-Terrorist Financing Training Course

We've created a comprehensive AML & CTF compliance roadmap to help you navigate the compliance landscape. If you would like to access leading insights and compliance tips, you can browse our free resources by topic to find guides, modules, compliance bites and more.