Almost 25,000 victims of fraud were aged under 30, with the number of under-21s defrauded rising by a third, the BBC reports.
The statistics, from 277 banks and businesses, show almost 173,000 recorded frauds in 2016 – the highest level since records began 13 years ago.
Cifas says people must be more vigilant about protecting their personal data.
The 172,919 incidents of identity fraud last year represents 53.3 per cent of all fraud recorded by Cifas, of which 88% occurred online.
The number of under-21s being defrauded rose from 1,343 in 2015 to 1,803 in 2016.
Last year also saw increases in victims aged over 40, with 1,869 cases recorded by Cifas members.
Cifas deputy chief executive Mike Haley said better education around fraud and financial crime was needed.
“With nine out of 10 identity frauds committed online and with all age groups at risk, we are urging everyone to make it more difficult for fraudsters to abuse their identity.
“We all remember to protect our possessions through locking our house or flat or car but we don’t take the same care to protect our most important asset – our identities.”
City of London Police Commander Chris Greany, who is national co-ordinator for economic crime, said: “With close to half of all crime now either fraud or cyber crime we all need to make sure we protect our identity.
“Identity fraud is the key to unlocking your valuables. Things like weak passwords or not updating your software are the same as leaving a window or door unlocked.”
In the last five years, both Luke Croydon and his partner have been victims of identity theft.
He says many people in the building they live in have been victims, because letterboxes are out on the street so bills are more easily stolen.
The thief then signs up to various credit accounts, and steals the cards when they are delivered.
The first you learn about it is when you see a statement with a sum of money in your name left in your letterbox, he explains.
He goes on to describe what he calls “a very troubling experience” and says: “You wonder what else they have done with that personal detail.”
If it’s only bank accounts, that’s one thing but you worry they might have signed up to websites or applied for a passport, he says.
It’s a mixture of anger for the person who has defrauded you, and fear for whether the bank in question is going to try and call in that debt that you didn’t build up, he adds.
According to Cifas, the vast majority of identity fraud takes place when a fraudster pretends to be an individual, so as to buy a product or take out a loan in their name.
Fraudsters get hold of the necessary personal material by stealing mail, computer hacking, obtaining data on the dark web, and exploiting personal information on social media.
They can also gather it though social engineering, where people give up personal information to someone pretending to be from their bank, the police or a retailer.
Cifas advises people to shred important paper documents – and use passwords, privacy settings and anti-virus software on their computers.
How to protect yourself from identity crimes
- Limit the amount of personal information you give away on social networking sites. Your real friends know where you live and know your birthday
- Update your computer’s firewall, anti-virus and anti-spyware programmes. Up to 80% of cyber threats can be removed by doing this
- Never share passwords or PINs (personal identification numbers) with others and do not write them down
- Use strong passwords and PINs – don’t use your date of birth or your child’s name, include a mix of upper and lower case letters, numbers and punctuation marks. Aim for a minimum of 10 characters in a password
- Do not use the same password or PIN for more than one account