How to Prevent Identity Theft
Identity theft is when someone illegally gets access to your personal information like passwords, Social Security numbers, credit card numbers or medical insurance account numbers. They then use your information to open new accounts in your name, run up charges on your existing accounts, empty your bank account or even file a tax return in your name. In 2017, a record 16.7 million people in the United States were victims of identity fraud.
Unfortunately, you might not know anything is wrong until you receive a call from a debt collector or the IRS, or you see strange items on an account statement or your credit report.
“The sad part about all this is that victims can spend years of their life trying to get back to where they were, especially with credit fraud,” said Bruce McClary, vice president of communications for the National Foundation for Credit Counseling. “It’s about how quickly you can react.”
- How to prevent identity theft
- What can criminals do with your identity?
- How do criminals get your personal information?
- The bottom line
How to prevent identity theft
As the saying goes, the best defense is a good offense. Vigilance and common sense are your two best strategies for battling identity theft, McClary said.
Typically, the law limits your liability if someone fraudulently opens a new account in your name or runs up charges on your existing account. With an ATM or debit card, you usually have 60 days from the time of your last statement to report the card as lost or stolen. But it can still be very time-consuming and frustrating to stop future fraud, remove negative items from your credit report and get debt collectors off your back.
It pays to be protective of your information and proactive about watching for signs of trouble. Here are some ways to help prevent identity theft:
- Monitor, monitor, monitor. Every 12 months, you can get a free copy of your credit report from all three major credit reporting bureaus at AnnualCreditReport.com. But once a year may not be enough. McClary suggested staggering your reports instead of getting all three bureaus’ reports at the same time. Also, sign up for alerts on your credit and financial accounts. “There’s no excuse for people to not have at least that early warning system in place,” he said. You should also read your bills and statements right away to look for unusual items.
- Freeze your credit. You can freeze your credit even if you haven’t experienced identity theft. This should stop someone from opening a new account in your name. You can always unfreeze your credit when needed.
- Watch for scams. A company like your bank or credit card provider should never ask for your full Social Security number over the phone to verify your records. Never offer sensitive information over the phone or by email. And don’t click on a link or attachment in an email unless you’re sure you know what it is.
- Don’t store your credit card number online. It can be tempting to keep your credit card information stored on a website where you do a lot of business. But it’s much better to enter the card number yourself each time. “The problem with storing your info on their site is that now it’s on their server,” McClary said. “You don’t know how vulnerable their data is.”
- Be careful with passwords. A strong password alone isn’t enough to protect your data, McClary said, but it’s still a good idea. Use a password manager to generate and store your passwords so you don’t have to remember them all. Vary your passwords so that if your information is compromised, identity thieves can’t access multiple accounts using the same email and password combination.
- Shred and protect. Shred your mail, receipts or other documents that contain your personal information. Install a firewall and virus protection on your home computer, and use a virtual private network (VPN) if you’re using a public Wi-Fi network.
What can criminals do with your identity?
Although credit card fraud is the most common form of identity theft, unfortunately, the bad guys have plenty of other ways to profit off your information.
In the case of a breach, where a hacker breaks into a company’s system and steals customers’ records, the hacker often sells the information, McClary said. It sounds like something out of a sci-fi novel, but the dark web — online places not indexed by the usual search engines — exists, and it’s where thieves buy and sell ill-gotten personal information.
If an identity thief gets your full credit card number, that’s usually enough to “run up the balance and do all kinds of damage,” McClary said. The situation gets even more serious if thieves get your Social Security number, date of birth and driver’s license information because that allows them to apply for loans and new lines of credit, he said. With that information, they can also file a tax return in your name in an attempt to steal your tax refund. To combat this, file your tax return early.
If a thief gets your Medicare ID or health insurance member number, they can use that to obtain their own medical services or submit fake claims to your health insurer.
Many identity thieves will use your information to open new utility or phone accounts. They may use different billing addresses so you don’t know about the accounts until they’re already overdue, which hurts your credit score.
How do criminals get your personal information?
Identity thieves use both high-tech (hacking) and low-tech (dumpster diving) methods to get your personal information. Knowing how they get your information is a good way to potentially stop it. Here are three common ways:
- Data breaches. In 2018, there were 1,244 data breaches that exposed more than 446 million customer records, according to the Identity Theft Center. The number of breaches was down 23% from 2017, but the number of exposed records soared by 126%.
- Old-school scams. Some identity thieves will simply look through trash bins or mailboxes to find items like bills, receipts or credit card applications.
- Phishing, vishing and smishing. This is when thieves use email (phishing), phone calls (vishing) or text messages (smishing) to get your personal information. They might pretend to be from your bank or credit card company and ask you to provide sensitive information like your Social Security number. They might also direct you to a phony website or ask you to click on a link or an email attachment that contains a virus.
The bottom line
Identity theft is no joke. The longer it goes unnoticed, the more damage can be done to your credit history.
Be careful with your personal information, and keep a close eye on your accounts and credit reports. If you think you’ve been the victim of identity theft, react as quickly as you can. Here are some steps to take:
- Report the identity theft to all three credit reporting bureaus and ask them to put a fraud alert or security freeze on your credit reports.
- Dispute any incorrect information on your credit report.
- If a certain account was affected (like a credit card), notify the lender.
- File an Identity Theft Report with the Federal Trade Commission (FTC).
- Change relevant passwords and PIN numbers.
- File a police report if needed. (It’s possible you’ll need to provide it to a creditor or debt collector.)
“It’s possible to catch some of these things in time,” McClary said. “Be vigilant so you don’t have a long recovery and cleanup ahead of you.”