Identity theft is happening all the time, but criminals do have some favorite days, times, and even dates on the calendar. For example, there's one day of the year that especially appeals to identity thieves—your birthday.
Identity thieves love to lurk on social media sites like Facebook, Twitter, and Instagram and will notice congratulatory messages sent by friends and family to note your birthday. Unfortunately, an ID fraudster can use your birthday as a piece of the puzzle to capture your identity and commit identity theft.
That's good reason enough to keep your birthday off of social media. Keep it away from scammers by using your social media settings to delete your birthdate and keep other personal information out of sight.
Different Days and Times For Different Types of ID Theft
Overall, computer hackers are increasingly focused on plying their trade on weekdays, during the traditional nine-to-five workday, as they focus on breaking into corporate accounts. Data shows that 83% of spam is sent on weekdays, with Tuesday targeted by the most spamming activity, with Wednesday and Thursday close behind.
83% of spam is sent on weekdays.
On an hour-by-hour basis, identity fraud thieves start early, as early as 1 AM EST, to target workers in Europe before they get to the workplace, and continue on to focus on U.S. workers with spam activity. Their work is usually done by 4 PM EST.
A Case of the Malware Mondays
Mondays are the day of the week most likely to see targeted attempts to plug in malicious software, also known as malware, onto computer networks. That's because Monday is the first day of the week in the office, and workers are opening emails gathered over the weekend—phishing fraudsters set their traps before the work week begins in earnest.
Wednesdays and Thursdays are the favorite days of the week for phone scams, according to a study by First Orion, a data technology provider. The study also notes that weekends—especially Sunday—are the least likeliest time for identity thieves to call potential fraud victims.
In addition, when identity thieves do strike, it's usually between 3 pm and 6 pm ET, when individuals are more tired and distracted, the study notes.
Just like phone-related fraud, email fraud and phishing attacks tend to pick up in the middle of the week, when more workers are in the office, and more of them can potentially click on links that can trigger ID fraud. (Mondays and Fridays are the days of the week when staffers are less likely to be in the office.)
Thursday seems to be the favorite day for email spammers, according to IBM X-Force, as fraudulent email attachment activity rises by 38% over average weekday volumes. Wednesdays were the second busiest day for email spammers, followed by Mondays, Tuesdays, and Fridays.
Email fraudsters also want to target workers early in the day, as soon as they get to their desks and open their emails.
That's when employees are most likely to open emails and click on links, and not yet into the flow of the workday when they're likely thinking more clearly than they are first thing in the morning, IBM reports. Email spammers also can expect workers to click on phony emails quickly. About 90% of phony click links happen within the first 24 hours of delivery, with 50% occurring within an hour; 25% of spam-related clicks occur in 10 minutes or less.
Data also shows that the longer a phony URL email link is in an email inbox, the more likely it is that the end user will click on that link. Before clicking on a suspect link, hover your mouse over it to see what the actual URL looks like. Look for warning signs, such as the URL doesn't begin with "https" or the URL goes somewhere other than where the hyperlinked text says it will go.
Security experts advise email users to delete suspicious emails as soon as they see them, to get them into the trash bin quickly before they forget to hit the delete button.
Buying Time with Bank Check Fraud
Another form of identity theft that is time-leveraged by scammers is check fraud. Bank check thieves like to strike with a fake check later in the week and have the bogus check deposited on Friday or Saturday.
That deposit date means the check will take longer to clear, and by the time the victim of the fraudulent check realizes the check is no good, the thief is long gone. Also, banks don't usually refund a customer who's been victimized by bank check fraud without a lot of diligence (read one awful story of check fraud here).
Check thieves can also steal a check from an unsuspecting consumer right from their mailbox, or via retail store theft when an individual isn't paying close attention, or when a retail employer copies a check issued by a customer, then proceeds to use that to create a bogus check, at the expense of the customer.
Checks include data that ID thieves love -- bank account name and routing number, bank account number, name, address, and the check user's signature.
Consequently, using checks sparingly or not at all takes away a big target from identity thieves.
Seasonal Identity Theft and Fraud
Dates and times aren't the only calendar-based periods favored by identity thieves.
Seasonally, for example, early spring is a favorite time for identity thieves to strike, as that's when millions of Americans are compiling and filing their taxes.
Tax fraudsters are counting on tax filers to be careless about their financial documents, as taxpayers tend to get frazzled and distracted.
Security experts advise taxpayers to file early, ideally in January and February when identity thieves are less likely to be active. It's also advisable to file your taxes online and not leave your hard copy return in your mailbox for a criminal to steal.
The holidays can also be a favorite time for scammers to hit since there are often people who want to give to charitable causes and many consumers are shopping for gifts. To protect yourself against phony charities, check into any organizations before donating to make sure they're legit.
To Guard Against ID Theft, Check the Calendar
To better protect yourself from identity theft at any hour, or on any day of the week, adopt the fraudster's mindset and leverage the calendar too.
For instance, individuals should organize their key documents in one safely-stored place. They should also shred outdated forms, account statements, and other documents, and avoid leaving any checks or envelopes in their mailbox.
It's also a good idea to backup your digital data to a cloud-based storage account on a daily basis. That secures your digital data, and allows you to recover it in the event you're hit with a computer virus or other cyber attack.
On a weekly basis, you should be checking your computer, laptop, tablet, and/or mobile phone to check on updates to your operating systems and software. Make it a point to install any data security fixes or patches sent your way on a specific day of the week, making it less likely you'll forget to do so.
If You're the Victim of Identity Theft, Act Fast and Act Smart
No matter the day, month or time of year, act quickly and decisively to protect yourself if you discover you've been the victim of identity theft. The actions depend on the type of identity theft or what is stolen; for example, if your Social Security number is stolen there are different steps than if your credit card number is compromised.
Here are some additional resources to help with dealing with the aftermath of identity theft:
- Use Experian's online Identity Theft Assistance center for a step-by-step guide.
- Learn what to do if you're part of a data breach.
- Know what to do if your Social Security number is stolen.
- Take immediate action if your credit card or debit card is part of a data breach.
Let's face it, identity thieves are increasingly active and are getting more sophisticated about choosing the ‘right' time to strike.
Take the initiative and use the calendar to your advantage, too, and fight back against fraudsters who favor specific days and times to try and steal your identity.
Editorial Disclaimer: Opinions expressed here are author's alone, not those of any bank, credit card issuer or other company, and have not been reviewed, approved or otherwise endorsed by any of these entities. All information, including rates and fees, are accurate as of the date of publication.
This article was originally published on April 26, 2018, and has been updated.