Identity theft is the fastest-growing crime in America for the very obvious reason that most of us have made our most valuable personal information — name, address, social security number, driver’s license, credit card number, etc. — available online.
And cyber criminals are having an easy time stealing it!
The one bit of good news is that consumers and businesses have taken up the fight against identity theft and are winning some of the battles … but there is a long way to go.
According to Bureau of Justice statistics, more than 16.7 Americans were victims of identity theft in 2017 and one million of those were children. Fraud losses totaled $16.8-million. At least 143-million Americans were affected by the Equifax breach. Banks (JP MorganChase), retailers (Target) and web services (Yahoo) have all been hacked.
“Identity theft is the biggest consumer crime in America and it threatens everyone,’’ said Steven J.J. Weisman, an attorney who teaches a white-collar crime class at Bentley University, just outside of Boston
But here’s the key: Identity theft is preventable. You just need some knowledge, planning, awareness and vigilance.
“We all have lax security practices that put us at risk, many of which seem innocuous or make us think, ‘This will never happen to me,’ ‘’ said Brianna Jensen, identity theft expert at ASecureLife.com. “Sharing too much personal information online and on social media, for example. Even if our profiles are private and our accounts password-protected, this doesn’t stop someone who really wants your information from gaining access and putting together all the pieces to create a comprehensive profile.”
Some the reasons identity theft has become easier include:
- Recycling basic passwords such as “password” or “1234” between multiple accounts
- Throwing sensitive mail in the trash rather than shredding it
- Connecting to banking apps on an unsecured Wi-Fi.
Online scammers are also becoming more sophisticated, so even if you think you can spot a fake website or a phishing email, you can still be a victim.
What is identity theft?
The definition of identity theft is the unauthorized use of someone’s personal data or documents (usually social security card or credit cards) to obtain merchandise, services or credit.
The frightening reality is that could happen to anyone.
Consider that once identity thieves grab your personal information, they can empty your bank account, run up charges on your credit cards, open new utility accounts and even get medical treatment on your health insurance.
They can file a tax refund in your name — and get your refund. They can obtain a driver’s license, passport or immigration papers. They can open bank accounts, forge checks, apply for loans and credit cards and open insurance accounts. They can assume your identity on social media.
They might even give your name to the police during an arrest, triggering a legal chain of events that could affect voluminous areas of life.
The list of things thieves can do with your personal information is frighteningly endless. This is a very serious matter that deserves constant attention. It’s incumbent on everyone to become educated on identify theft. Know how to spot it. Know how to prevent it.
Facts about Identity Theft
Identity theft has increasingly become an online problem. The Identity Theft Resource Center (ITRC), which began collecting data in 2005, lists the primary sources of online breaches into five major categories.
Here are the stats for those categories in 2017:
- Businesses – 907 breaches affecting 182 million people
- Educational – 128 breaches affecting 1.4 million people
- Medical/Healthcare – 386 breaches affecting 5.3 million people
- Government/Military – 78 breaches affecting 5.9 million people
- Banking/Credit/Financial – 136 breaches affecting 3.3 million people
One source that isn’t listed — Family and Friends — has become a category unto itself.
According to Javelin Strategy and Research data, nearly 550,000 identity theft victims in 2017 had information compromised by someone they knew.
The ITRC has identified the following as the most common identity theft methods in the first three quarters of 2018:
- Hacking, skimming and phishing information off the internet — 37%
- Unauthorized Access – 29.6%
- Employee Error/Negligence — 12.4%
- Accidental Email/Internet Exposure — 10.1%
- Insider Theft — 3.5%
- Physical Theft — 5.3%
- Subcontractor/Third Party — 7.0%
- Data on the Move — 2.5%
How Identity Theft Occurs
There are many other specific, clever methods for thieves to steal your identity or personal information, such as:
Stealing — Beware of leaving your wallet or unopened mail around the house or in your car. Grab-and-go can happen in a heartbeat.
Dumpster Diving — Some thieves go through garbage cans to find information, such as unopened pre-approved credit cards.
Change Of Address — Thieves can fill out change-of-address request forms. Once your mail is sent to them, they can access your personal information.
Cloning Credit Card Information — An employee of, say, a restaurant, gas station or retail store, can swipe your credit card through a device that copies the magnetic strip information. It can be transferred to a counterfeit credit card, which can make purchases.
How to Protect Yourself from Identity Theft
The facts are clear. It’s a problem that isn’t going away. So, what to do about identity theft?
There are common-sense methods that everyone should be practicing.
Mail Theft — Identity thieves often thrive on plucking vital information from your mailbox. Promptly remove your mail. If you’ll be gone for a few days, contact the post office and request a vacation hold on your mail. When you order new checks, don’t have them mailed to your home (unless you have a secure mailbox with a lock).
Undoubtedly, you receive voluminous pre-screened offers of credit and insurance. It’s sometimes best to opt out of those offers (call 1-888-567-8688 or go to www.OptOutPreScreen.com).
It’s a great practice to purchase a shredder, so you can dispense of receipts, credit applications, credit offers, insurance forms, physician statements, checks, bank statements, expired charge cards and other documents that could be seized by identity thieves.
Protect Yourself — Don’t carry your Social Security card in a wallet or purse and don’t give it out in a public place. Don’t put all of your identifying information in one place. Protect your passwords. Make them complex — even though it’s a hassle — because that makes them difficult to steal.
“Trust me … you can’t trust anyone,’’ Weisman said. “Sarah Palin’s email was hacked when someone answered her security question about where did she meet her husband. The answer was readily available on Wikipedia.
“Although most of us are not celebrities, there is much information about us that can be easily obtained to answer security questions. A common security question is your mother’s maiden name. Consider using a nonsensical answer to the question. For instance, you can put your mother’s maiden name as ‘Firetruck.’ No identity thief will ever be able to find it and it is silly enough to be easily remembered.’’
The website www.scamicide.com has further tips on how to choose and remember complex passwords.
Another simple password strategy? Use a space. Security researchers obtained a list of 550-million passwords and found that only 0.03% of them used a space.
“A space works just like any other character in a password, but using one or more spaces increases the password’s strength,’’ said Drew Kellerman, founder of Phase 2 Wealth Advisors in Gig Harbor, Wash.
The longer the password, the more secure. It doesn’t need to be an unrecognizable mass of letters, numbers and symbols. It simply needs to be long. Example: If your favorite movie is the original “Star Wars,’’ your password could be … May the force be with you. For another account, you could use May the force be with you @1. For still another account, you could use Mtfbwy@1.
Check Your Credit Report — By federal law, the three credit reporting bureaus must each supply you one credit report a year. Get one every four months and inspect them carefully, looking for suspicious activity.
Unsolicited Requests — NEVER respond to unsolicited inquiries that ask for personal data such as name, birthdate and Social Security number.
Update Virus Software — Make sure your computers have the latest software available to identify and deal with computer-driven viruses.
Security Freeze/Fraud Alert — To combat concerns about your information being too accessible, you can put a security freeze or fraud alert on your credit report. A security freeze locks out everyone from accessing your credit report (it might come with a $10 fee for each of the three credit reporting agencies, meaning $30 for every time you “freeze’’ or “unfreeze’’ your account). Important: A security freeze does not lock out people who already have legitimate access to it, such as companies you do business with. It does not affect your credit score. A fraud alert, meanwhile, lasts 90 days and tells potential creditors to contact you before granting credit in your name.
Shred — When you discard receipts, copies of credit applications, insurance forms, physician statements, bank checks and statements and expired charge cards, it’s best to tear or shred them. That can thwart identity thieves who are seeking your personal information.
Beware of Impersonators — The sad truth is impostors are everywhere, whether it’s over the telephone or online. They might sound convincing as they represent themselves as representatives of your bank or credit-card company. Don’t believe it! Don’t give out your personal information over the phone or internet unless YOU have initiated the contact and you ABSOLUTELY know the person or company.
Beware of Public Wi-Fi — Portable workplaces are popular, but there could be dangers in setting up your “office’’ in the local coffee shop. With public Wi-Fi, your data could be intercepted by outsiders. So, when you’re at the cafe, airport, library or hotel, don’t conduct bank transactions, make online purchases or enter any sensitive information.
Old Technology Disposal — Be careful when dispensing of your old computers and mobile devices. You should protect your personal information by making the computer hard drives unreadable. When backing up the data and transferring the files, you can “sanitize’’ the computer by magnetically cleaning the disk or using software to wipe the disk clean. Remember to remove the memory or subscriber identity module (SIM) card from mobile devices.
How to Tell if Someone Stole Your Information
It’s especially frustrating to discover identity theft that has been going on for a long time — without notice. It helps to be educated in knowing if someone has stolen your information.
Identity thieves can be clever and cunning in their methods. A thief could steal your mail — or actually go through your garbage — in order to get your checking account, credit card account or other account numbers, including your Social Security number. You might be tricked into sending personal information in an email or your account numbers could be plucked from a business or medical office. And of course, if your wallet or purse is stolen, that’s a prime opportunity to uncover personal information.
Here are ways to know that things are amiss:
- Read Your Bills — Are there charges for things you didn’t purchase?
- Watch Your Bank Account Statement — Are there withdrawals you didn’t make? Are there unexpected charges?
- Check Your Mail — Did you stop getting a bill? Did a new bill arrive that you don’t know anything about?
- Examine Your Credit Report — Are there accounts or other information that don’t seem familiar?
- Health Insurance Concerns — Did your health plan reject a legitimate medical claim because records showed you reached the benefits limit? Did the health plan refuse to cover you because medical records show a condition you don’t have?
- Taxing Notice — The IRS notifies you that more than one tax return was filed in your name or that you have income from an employer you don’t work for.
Other Types of Identity Theft
There are less common types of identity theft — and you should know them:
Child ID Theft — Children’s IDs are extremely vulnerable. The theft could go undetected for several years. By the time they become adults, the damage already has been done.
Tax ID Theft — Thieves can use your Social Security number to falsely file tax returns with the IRS or state government.
Medical ID Theft — Someone could steal your Medicare ID or health insurance member number to receive medical services. It could also trigger fraudulent billing to your health insurance provider.
Senior ID Theft — Typically, ID theft schemes will target seniors, who are in frequent contact with medical professionals or caregivers who have access to personal information or financial documents.
Social ID Theft — Whatever is on your social media platforms — your name, photos and other personal information — can be used to create a phony account.
How to Report Identity Theft
To report identity theft, your best bet is to contact the Federal Trade Commission (FTC) online at IdentityTheft.gov or by telephone at 1-877-438-4338.
By going online, you will receive an identity theft report and a recovery plan. You must create an account on the website to update your recovery play, track your progress and receive form letters to send to creditors. Without an account, you won’t be able to access future information on the website.
It’s also useful to download the FTC’s publication, Taking Charge – What to do if Your Identity is Stolen for detailed tips, checklists, and sample letters.
If you report the identity theft by telephone, the FTC will collect details of your situation, but won’t provide you with an ID theft report or recovery plan.
You can also report the identity theft to your local police station. That will be useful if you know the identity thief or the thief used your name in any interaction with the police. It will also be necessary if a creditor or another company affected by the identity theft requires you to provide a police report.
You also should contact one of the three major credit reporting agencies (Equifax at 1-888-766-0008, Experian at 1-888-397-3742 or TransUnion at 1-800-680-7289) to place fraud alerts or freezes on your accounts so no one can apply for credit with your name or Social Security number.
Get copies of your credit reports to be certain that no one has tried to get unauthorized credit accounts with your personal information. And be sure that the credit reporting agency will alert the other two credit reporting agencies.
You might wish to contact the fraud department at your bank, credit card issuers or other places where you have accounts. Be sure to report the crime to companies where the identity thief opened credit accounts or even applied for jobs.
The State Consumer Protection Offices or Attorney General in your state could help to contact creditors or dispute errors. You might need to get new personal records or ID cards if your identity was stolen. Learn how to replace your vital identification documents after identity theft.
In the case of medical identity theft, contact your health insurance company’s fraud department or Medicare’s fraud office.
In the case of tax identity theft, report it to the Internal Revenue Service and your state’s Department of Taxation or Revenue.
If identity theft results from a stay in a nursing home or long-term care facility, contact the National Long-Term Care Ombudsman Resource Center (TheConsumerVoice.org).
The best way all consumers can protect themselves from identity theft is to constantly monitor their accounts and credit reports. Most large companies are working aggressively to protect against identity theft, but consumers themselves are always the last – and best – line of defense.