What is Identity Theft?
Identity theft is a crime where someone steals your personal information—such as full name, Driver’s License number, or Social Security number—to commit fraud. According to the FTC, identity theft is most often used for credit card fraud, tax fraud, and phone or utilities fraud. It can also take the form of medical fraud, loan or lease fraud, and bank fraud. In all of these cases, the thief will perform financial-related transaction in your name, which can ultimately cost you money and damage your credit. Many people do not realize right away that they are a victim of identity theft, and usually learn after receiving a bill for goods or services they did not buy, or after being denied a loan due to poor credit.
How Common is Identity Theft?
Identity theft is a pervasive problem that affects millions of Americans and costs billions of dollars each year. Research firm Javelin Strategy & Research stated in its 2018 Identity Fraud: Fraud Enters a New Era of Complexity report that there were 16.7 million victims of identity fraud in 2017, reaching a record high for the second year in a row. This accounts for 6.64 percent of American consumers. With increasingly sophisticated measures taken by criminals, such as account takeovers, new account fraud, and more complex data breaches that affected as many as 30 percent of American consumers, identity theft resulted in $16.8 billion in monetary losses in 2017.
Another report by the Identity Theft Resource Center, which tracks data breaches in the U.S., showed that in 2017 there were 1,579 data breaches exposing 179 million personal records. This represents a 44.7 percent increase over the record high number of breaches reported for 2016.
Similarly, the Federal Trade Commission’s Consumer Sentinel Network tracks consumer fraud and identity theft complaints on a national scale, drawing information directly from consumers, as well as from local, state, and federal filings. The Consumer Sentinel Network received 2.7 million complaints in 2017, of which 13.87 percent were related to identity theft.
Across the U.S., the density of ID theft victims varies widely by location. The five states with the highest number of per-capita identity theft reports in 2017 were District of Columbia, Michigan, Florida, California, and Maryland. The five lowest states were South Dakota, West Virginia, Vermont, Iowa, and Maine. State estimates are based on where the victim resides, not necessarily where the theft occurred.
As more consumers’ transactions move online, and as more data breaches occur digitally, identity theft risk will be increasingly relevant to consumers in all locations. Undoing the damage caused by identity theft can be time-consuming, expensive, and emotionally exhausting, which is why it’s important to take preemptive measures to decrease the likelihood of becoming a victim. Using data from its members, credit management platform Credit Sesame identified the most important steps you can take today to protect your identity, especially in this digital age.
How to Protect Yourself
Photo Credit: Milton Cogheil / Alamy Stock Photo
1. Shred Everything
Not just last month’s bank statement, but every item that contains your name, your address or any other information that identifies you or a family member can be used by criminals. Every day, the U.S. Postal Service processes and delivers 493.4 million pieces of mail, many of which have personal information. This might include mail from your child’s school, medical bills, and even junk mail. Sort through your mail right away, and anything you are not going to keep, put in a pile for the shredder.
Note that you don’t have to shred tons of paper—just shred the relevant sections off junk mail and magazines and recycle the rest. Store any sensitive information and documents you want to keep in a secure place in your home, such as a safe.
Photo Credit: Ammentorp Photography / Alamy Stock Photo
2. Don’t Disclose Your Personal Information or SSN
Did you know that the cable company and the doctor’s office don’t need your social security number, nor do they have a right to require it? You do need to provide it to banks and other financial institutions, but rarely to anyone else. The next time someone asks you for it, find out if your account can be set up without it. If the person says no, verify by talking to a supervisor. In the case of a utility provider, they may tell you that without it they can’t offer you credit and you’ll have to pay a cash deposit instead.
As with pieces of mail that you choose to keep, store your Social Security card in an inaccessible, secret location, preferably locked and never in your wallet. In addition, don’t respond to unsolicited requests for personal info by phone, email, or mail. If you do receive a phone call from a scammer who requests personal information, report the number to the National Do Not Call Registry of the FTC.
Photo Credit: Brian Jackson / Alamy Stock Photo
3. Read Your Mail Promptly
You might already check your credit card statements for unexplained charges, but you also need to review any paperwork that comes from your health insurance carrier to make sure no one is getting medical care in your name. When you are away on vacation or business, you should also place a hold on your mail so no one will steal it (and possibly your identity) in your absence.
Photo Credit: Vera Cepic / Alamy Stock Photo
4. Monitor Your Accounts Often
The smallest inconsistency in your bank account can be a sign that you have been a victim of identity theft. Promptly compare receipts with account statements and log in to your account on your bank’s website often to check for unauthorized transactions. Take advantage of bank/card issuer mobile alerts, which can do a lot of the watching for you and inform you of any suspicious activity. Javelin Strategy & Research estimates that account takeovers tripled over the past year, with losses reaching $5.1 billion in 2017.
Photo Credit: Cultura Creative (RF) / Alamy Stock Photo
5. Place Security Freezes and Sign Up for Fraud Alerts
Prevent criminals from setting up accounts in your name by placing a security freeze on your credit report. A security freeze places a hold on your credit file so that no new credit can be opened without the use of a personal identification number or password. A 2017 report by Credit Sesame indicated that less than 1 percent of adults have a security freeze on their credit reports, making this an underutilized resource.
In addition, if you believe your identity has been compromised, or if you just want to be extra cautious, you can place a fraud alert on your credit file. This forces any creditor to take extra steps to confirm your identity any time a new account is opened in your name. Fraud alerts generally last 90 days, but victims of identity theft can put one in place for up to seven years. The same 2017 Credit Sesame report states that only 7 percent of its members take advantage of fraud alerts.
Photo Credit: Hero Images Inc. / Alamy Stock Photo
6. Create Strong Passwords for All Devices & Accounts
Endure the momentary inconvenience of unlocking your device each time you want to use it. An unlocked device is the equivalent of an open pocketbook when left unattended. The more apps you have connected and passwords stored in browsers, the more critical it is to create a barrier between your data and the casual observer. If a service offers two-factor authentication, set it up. Then, in order to sign into your account from an unfamiliar device, you’ll have to enter your password plus a code that is sent to your cell phone. This prevents anyone from accessing your account even if they have your password.
Passwords should also be strong and not easy to guess. If your ATM card PIN is your address number or your birth date, change it. If you log in to your bank account with the name of your child or pet, you need a more complex password. According to Pew Research, 25 percent of Americans admit to using simple passwords that are easy to remember, and 39 percent use the same (or similar) passwords for different online accounts. That means if a hacker knows your password for one account, the hacker can access them all.
Instead, create passwords that incorporate uppercase and lowercase letters, numbers and characters. Use an online password manager like SecureSafe to keep track of all your passwords—then you’ll only have to remember one (but change it every few months). Don’t send a backup email to yourself or a loved one that says “My password is…” or leave a list of passwords in a Google Doc that can be easily hacked.
These are just a few of the simplest, but effective, precautions you can take with managing your passwords.
Photo Credit: EyeEm / Alamy Stock Photo
7. Be Smart on Social Media Sites
Set your social media accounts to private or friends-only and avoid connecting with people you don’t personally know. In November 2017, Facebook announced that as many as 2-3 percent of profiles—more than 200 million—could be fake, which makes caution even more important in this era. Our Facebook profiles are a window into our lives and should only be shared with those we know and trust. In fact, thieves can often find answers to common account security questions—your first car, city you were born, street you grew up on, your mother’s maiden name—on social media profiles. So, be extra careful to not expose this type of information. Additionally, don’t volunteer information about your whereabouts, your family members, your plans, your lifestyle, or your preferences to strangers.
Photo Credit: Aleksandr Khakimullin / Alamy Stock Photo
8. Run Anti-Virus Software
Your computer can become infected in a click—literally. In its 2018 Security Intelligence Report, Microsoft lists attack methods like phishing, email attachments, and ransomware as some of the biggest threats to cybersecurity. With increasingly sophisticated techniques being used by criminals, unloading the responsibility of cybersecurity to the experts is a good choice. There are many good anti-virus software options on the market. If you need a free one, try AVG or Avast.
Photo Credit: Hero Images Inc. / Alamy Stock Photo
9. Monitor Your Credit
You are entitled to a free copy of your credit report every twelve months from each of the three major credit reporting agencies (Equifax, Experian and TransUnion), and you can obtain them at AnnualCreditReport.com. Stagger them so you can receive one report every four months. Mark your calendar so you won’t forget. Periodic review of your credit reports not only allows you to stay on top of your score, but also to see when something appears on your credit history that shouldn’t be there—whether by mistake or by malicious behavior.
Also, with free resources like Credit Sesame, you can get your free credit score and set up free credit monitoring as well. These tools provide instant alerts when information changes on your credit file (like new accounts, inquiries, or account balance changes).
Photo Credit: Andriy Blokhin / Alamy Stock Photo
10. Respond and Report Rapidly (New)
Even if you take all these precautions, identity theft can still happen to you. If you find that you have been a victim, it’s important to act fast. Set up fraud alerts so credit agencies will need to take extra steps to verify your identity before issuing future credit. In addition, contact any financial, medical, or other institution related to the theft so they can watch for new suspicious activity.
There are also a number of government agencies you should report to. Create an Identity Theft Report by filing an Identity Theft Affidavit with the Federal Trade Commission and a police report with your local precinct. For suspected theft of your Social Security number, inform the Social Security Administration and the IRS. Finally, if you suspect that your identity was stolen through the U.S. mail or if a false change-of-address was issued, contact the Postal Inspection Service.