Identity theft is the fastest-growing crime in the United States for the very obvious reason that most of us have made our most valuable personal information — name, address, social security number, driver’s license, credit card number, etc. — available online.
According to the Bureau of Justice Statistics, 17.6 million Americans experienced identity theft in 2014 and it cost them $16 billion.
There were 781 data breaches in 2015, exposing information on more than 169 million Americans, according to the Identity Theft Resource Center (ITRC). There were another 93 breaches and 1.7 million records exposed in just the first two months of 2016.
The definition of identity theft is the unauthorized use of someone’s personal data or documents (usually social security card or credit cards) to obtain merchandise, services or credit.
The personal data can be used to obtain driver’s licenses, passports and immigration papers. It can be used to open bank accounts, forge checks, apply for loans and credit cards and open an insurance account. They can take over your identity on social media, use your name to buy property and even steal your tax refund.
The list of things thieves can do with your personal information is frighteningly endless. This is a very serious matter that deserves constant attention.
Where They Get Identity Information
The fastest and easiest place to steal identity information is online. Hackers have found ways into the personal data of so many companies that it’s safe to say that virtually every American adult is a victim, or potential victim, of identity theft.
The Identity Theft Resource Center began collecting data on identity theft in 2005 and the numbers have soared in their first decade in business. ITRC divides the primary sources of online breaches into five major categories.
Here is their breakdown of breaches and number of people exposed to identity theft for 2015:
- Businesses – 312 breaches affecting 16.2 million people
- Educational – 58 breaches affecting 759,600 people
- Medical/Healthcare – 277 breaches affecting 113 million people
- Government/Military – 63 breaches affecting 34 million people
- Banking/Credit/Financial – 71 breaches affecting five million people
The places listed above seem obvious entry points for stealing personal information, but there is another source that might surprise you: family and friends.
According to Javelin Strategy and Research data, nearly 550,000 identity theft victims had their information compromised by someone they knew. Fathers, mothers, husbands, wives and roommates have access to your information and use it to open credit accounts where they rack up bills that never get paid.
Children are the biggest victims of this type of fraud because almost no one monitors their accounts. They likely won’t even find out accounts have been opened using their name and social security numbers until they try to start one of their own and see a credit report that shows they already have a history.
Identity Theft Methods
As technology improves, so do the methods for stealing personal information. Computer wizards use hacking, skimming and phishing information off the internet to reel in 38% of the victims of identity theft, according to ITRC.
The second most common method is Employee Error/Negligence at 14.9% — more than double the number from 2012. Accidental Email/Internet Exposure was next at 13.7% with Insider Theft (10.6%), Physical Theft (10.5), Subcontractor/Third Party (9.0) and Data on the Move (7.3) rounding out the list.
Some of the less common, but still productive ways for thieves to steal your identity or valuable personal information include:
Leaving things like your wallet or unopened mail around the house, in your car or on the table on the back porch makes it easy for thieves to grab-and-go.
Some thieves will go through garbage cans to find unopened pre-approved credit cards, which have more than enough information for them to assume your identity — and an approved credit card to go with it.
Change of Address
Thieves can fill out change-of-address request forms so your mail is sent to them. Once they open your mail, they can use whatever personal information is available to steal your identity.
Cloning Credit Card Information
This happens primarily at restaurants, gas stations and stores when you hand over your credit card. The employee swipes your card through a device that copies the magnetic strip information. That information is transferred to a counterfeit credit card, which can be used to make purchases.
Looking over a person’s shoulder to steal credit card information or listening in while they give out numbers over the phone is an old, inefficient, but still used method for stealing someone’s identity.
Thieves steal your information and use it to get medical care for themselves or sell it to someone else in need of care. Once they’ve stolen your personal data, they have access to bill paying information, including credit card numbers. An estimated 90% of health care organizations had data breach in 2014-2015.
Criminal Identity Theft
This happens when someone gives law enforcement your personal information or driver’s license while being investigated or arrested for a crime. Your name thus becomes part of a criminal record that you may have no knowledge of.
Steps to Combat Identity Theft
There are several steps you can take to minimize your chances of stopping identity theft. Most are common sense, easy-to-do efforts that make it more difficult for someone to obtain your personal data information and use it for fraudulent purposes.
Protect Your Social Security Card
Don’t carry your social security card in a wallet or purse. Don’t give it out in a public place. This might be the most valuable information you have to protect.
The more complex you make your password, the more difficult it is for hackers to steal your password-protected files. It’s a hassle, but you should change your password frequently. Use combinations that include numbers, symbols, uppercase and lowercase letters.
Check Your Credit Report
Federal law says the three credit reporting bureaus must each supply you one credit report a year. Get one every four months and look for any suspicious activity.
Most banks and credit cards companies offer this service to tell customers when there is unusual activity on their account.
Opt out of Pre-Approved Cards
Have your name removed from pre-approved credit card mailing lists by calling 1-888-5-OPT-OUT or 1-888-567-8688. If the card companies stop sending you pre-approved cards, you won’t have to worry about them being stolen.
Never respond to unsolicited inquiries that ask for personal data such as name, birthdate, social security number, etc.
Insurance Against Identity Theft
Some insurance companies provide policies to reimburse victims for expenses incurred for restoring your identity and repairing credit reports.
Update Virus Software
Make sure every computer you use has the latest software available to identify and deal with computer-driven viruses.
Stronger Steps to Combat Identity Theft
If you still are concerned that your information is too accessible to identity thieves, you can put a “security freeze” or “fraud alert” on your credit report.
A security freeze locks out everyone from accessing your credit report. This service is free in some states, but comes with a fee in others — normally around $10 to each of the three credit reporting agencies. That would mean $30 every time you freeze or unfreeze your account.
The security freeze prevents the thief from opening a new account in your name, which is the crime most thieves commit after they obtain personal data. A report by Javelin Research said there was a whopping 113% increase in new account fraud from 2014–2015.
A security freeze does not lock out people who already have legitimate access to it, such as companies you regularly do business with. It does not affect your credit score.
If you are trying for a mortgage or auto loan or trying to open credit card accounts, you must “unfreeze” your accounts with all three credit reporting bureaus. This can get cumbersome and costly, but it’s the price you pay for higher security.
If you suspect that you might be the victim of identity theft, you can ask the three credit reporting agencies to place a “fraud alert” on your account. The fraud alert lasts 90 days and tells potential creditors to contact you before granting credit in your name.
If you have a police report documenting that you are the victim of identity theft, you can have the fraud alert placed on your account for up to seven years. Active military can have a one-year fraud alert on their account.
Some experts in the field say that so any accounts now have fraud alerts that creditors simply ignore them because it takes too much time to process through a situation.
If Your Identity Is Stolen
If someone’s identity is stolen, there are a few very critical steps to take:
- File a police report, so there is a complaint on file for any litigation that might follow.
- Contact one of the three major credit bureaus — Experian, Equifax and TransUnion — and request a fraud alert be put on your account.
- After the fraud alert is placed, you are entitled to a free credit report from each of the three credit agencies. Request your report and review it for suspicious activity.
- Notify creditors of the suspicion of fraud, and have them freeze the account until an investigation can be conducted.
- Dispute unauthorized charges on credit cards or utility bills. (It benefits the consumer to have the first two steps completed prior to disputing charges, as the documents act as written proof of proactivity.)
The best way consumers can protect themselves from falling victim to identity theft is to be consistently monitoring their accounts and credit reports. Although companies have aggressively worked to put processes in place to protect consumers, it’s always a good idea for consumers to monitor credit reports how much money is moving through their accounts.