this post was submitted on 25 Jul 2024
387 points (94.5% liked)

Technology

59055 readers
3173 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 3 months ago* (last edited 3 months ago) (1 children)

No, you can't steal someone's identity with their IP, that's not how that works, and a regular attacker can't figure out your IP anyway, unless you visit a website they control. And that info is pretty useless.

Identity theft happens with a breach of some service you trust. So maybe a bank will expose your SSN (or equivalent in whatever country you live in), and they'll cross-reference that with a breach in a streaming service that has credit card info (includes name, address, etc).

A VPN won't protect you from identity theft. Like, at all. That's not what it's designed for. What it does is three fold:

  • moves your IP to a different region
  • hides sites you visit from your ISP - make sure you're using DNS over HTTP as well
  • mixes your traffic with others - mostly makes tracking more difficult

None of that has anything to do with identity theft. If your VPN claims it does, then that's stupid marketing and they're probably hiding other issues they have (e.g. logging policy), and you should probably use a better VPN.

[–] [email protected] -1 points 3 months ago (1 children)

As someone who has had identity theft happen and hired lawyers to fix it, I'm going to trust those close to the case. My information was definitely compromised. And what won in court? The dumbasses put a location I have never been to. Which was why it was overturned.

I do hear what you say and agree with the fundamentals of your explanation. But my experience has shown that with even your location it can cost you thousands.

[–] [email protected] 2 points 3 months ago* (last edited 3 months ago)

I don't use a VPN and had someone try to steal my bank account. When they tried to scam me, they also used an invalid location. They weren't trying to steal my identity, just my money, so it's not quite the same thing.

That said, identity thieves are just as lazy. They usually just buy some compromised credentials on the dark web and go to town opening credit cards and loans and whatnot. They don't compromise websites you visit to steal your location, it would be much easier to grab that from another breach (just cross-reference one breach with another).

So I'm standing by what I said, a VPN will do nothing to help here. Identity thieves and scammers don't coordinate with hackers that compromise websites to steal your IP. If they get far enough that they're pointing you toward a website they've created, a VPN isn't going to help, they're going after your login creds.

So again, get a VPN to hide your traffic from your ISP, limit tracking by advertisers (limited value, they can track through fingerprints), and appear to be in a different area for things like streaming services. But don't think that a VPN protects you from fraud, that's BS. Your best options are to freeze your credit, use secure passwords (password managers are great), enable MFA/2FA, and check your credit every so often (once or twice per year is fine).