Technically, identity theft is when someone steals your personal information, such as your social security number and date of birth, and uses it fraudulently. Credit card fraud is a common form of identity theft. Millions of people have their identity stolen each year, and the financial impact can be devastating.
In the more serious cases, thieves use your information to establish credit, even going so far as to buy a house. They, of course, never pay on these debts, leaving you with a load of bad credit and having to prove you are not responsible for those debts. They may also use your identity to commit crimes, exposing you to potential legal troubles. The process of clearing your name and restoring your credit can take months and sometimes years.
How do Thieves Steal Your Identity?
Understanding how thieves steal your identity helps you understand how best to protect it. To begin with, your garbage represents a treasure trove of personal information for identity thieves. Discarded bills, canceled checks, pre-approved credit card offers – they all contain valuable personal information for these criminals.
Thieves also steal information, sometimes while working as employees, from organizations, stores, and especially medical clinics and other healthcare offices. Think of the amount of personal information in your medical file, and you’ll understand why.
Another popular method is phishing, in which thieves send email messages claiming to be from your bank. If you get an email that appears to be from your bank, do not click on any links within the email. Instead, log into your account online directly from their website, not through the link in an email. You can usually detect a fraudulent email if you see that the sender’s address after the “@” is not from the organization. For example, if it says email@example.com, it’s pretty certain that it’s not from your bank, as theirs would typically end in firstname.lastname@example.org. Still, it’s safer to go directly to the website to log in rather than clicking on a link in an email.
Finally, many identity thieves run phone scams. They may claim to be from the IRS and threaten you with prison if you don’t immediately pay what you owe. If you receive a call like this, hang up and call the IRS. They will verify whether you owe back taxes and will appreciate any information you can provide on the call. Some scams include claims that you owe a debt, and that if you make a payment over the phone right now you will avoid going into collections. Don’t pay them over the phone. Again, find out the name of the company and call them directly to find out if you truly owe the debt.
Another popular tactic is claiming you’ve won a prize or drawing and then requesting payment of a processing fee. If you don’t remember entering a contest, it’s a scam. Do not provide your credit card or bank information to anyone you do not know.
How to Recognize Identity Theft
It would be so much easier if you heard sirens, or ominous music, the moment somebody stole your identity. Unfortunately, it is not always obvious right away, which makes combating it more difficult. Luckily, there are warning signs. If you experience any of the following, assume your identity has been compromised.
- An IRS notice that you filed more than one tax return, or have unreported income from an employer (for whom you don’t work)
- Debt collectors contact you for debts you know nothing about
- Receiving notice of a data breach from a company
- Rejected health insurance claim because you’ve reached your benefits limit (when in reality you haven’t)
- Suddenly stop receiving your mail
- Unexplained withdrawals from your bank account
- Unfamiliar charges on your credit cards or other accounts
- You are arrested for a crime committed in your name, but which you did not commit
Beef Up Your Online Security
Some people turn to identity theft protection services for a sense of security. Before doing this, though, implement some simple, effective safeguards to protect yourself.
Start by improving your online security. This means using complex passwords, at least 10 characters long, which include upper- and lowercase letters, numbers, and special characters.
How will you possibly remember that? Use a password phrase, substituting letters, numbers, and characters for each word of the phrase. For example: “This is my complex password, you get your own” becomes “T1mcPWugy0!” The key is to make it a phrase you’ll remember, but no one else will guess. There are also inexpensive online highly secure services available to help you keep all of your passwords and sensitive information in one place, such as LastPass.com or Dashlane.com.
Once you memorize the basic sentence, you can substitute a couple of letters to use for other individual things such as credit cards and email (i.e. PW becomes CC for credit card, EM for email, you get the idea). Remembering it is simple, but it looks like nonsense to anyone else.
Also, be alert to online scams, such as phishing emails. Never follow a link from an email onto a financial website, or other websites claiming to be something familiar (like eBay). Always go directly to the site through your browser instead. The link may be malware that could infect your computer, or allow the hacker to obtain information that you may enter thinking it is a legitimate site. For instance, if you get an unsolicited email from eBay with a link, it’s best to go onto your eBay account from your browser rather than clicking the link. If the email is a scam, you may enter your login information once you click on the link, and the hacker will then have access to your personal information, including credit cards and methods of payment that you use on eBay.
When shopping online, pay with a credit card instead of a debit card, as there are better federal protections for credit cards than there are for debit cards.
Finally, if you ever use a public computer, clear your logins and passwords. Never do any financial transactions on a public computer. Also, steer clear of free or unsecured Wi-Fi, which is easily hacked or snooped into by thieves. If you do use it, log in through a Virtual Private Network, or VPN connection. A VPN connection will add a level of security to your internet browsing by encrypting your internet connection and allowing you to surf the net privately. Hackers will not be able to interpret what you are doing. Consumers can purchase a VPN service rather easily for about $5 to $10 per month. You can obtain more information on websites such as www.privateinternetaccess.com. You can also search online “How to obtain a VPN” to get results that will lead you to helpful information.
Monitor Your Financial Statements and Credit Report
Check the activity on your financial accounts regularly. This includes your bank and credit card statements, as well as accounts such as PayPal.
Also, monitor your credit report for suspicious activity. Do not fall for those advertisements for free credit reports. Those are nearly always scams. Each of the three credit bureaus – Equifax, Experian, and TransUnion – owe you one free credit report each year. This means you can obtain a free credit report every four months, directly from the agency. Or, log into AnnualCreditReport.com to request a copy.
Invest in a Shredder
Thieves steal mail, bank statements, preapproved credit card offers, canceled checks, and utility bills. Anything with your name, account information, or other personal details needs to be shredded before being recycled or thrown in the trash.
My Identity was Already Stolen. What Now?
If your wallet, social security card, or any other personal or financial information is lost or stolen, or compromised in a security breach, contact the three credit reporting agencies listed above and place a fraud alert on file.
Next, check your bank and other financial statements for fraudulent activity, and exercise your right to obtain a free copy of your credit report to look for further fraud.
To place a fraud alert, you can contact a single credit reporting company, but verify that the agency will contact the other two. Make sure you share your current contact information. Finally, mark your calendar, as the fraud alert stays open for 90 days, though you may renew it if necessary.
You may also request a credit freeze, which makes it harder for identity thieves to open new accounts using your information. Some states allow identity theft victims to do this free of charge, whereas in other states there is a fee of around $10. Requesting a credit freeze requires contacting all three bureaus yourself. Record this date as well.
File an Identity Theft Report
Submitting an identity theft report with the Federal Trade Commission (FTC) helps you move the process along and prove your identity was stolen. This makes removing fraudulent activity from your credit report easier, as well as helping you stop debt collection efforts resulting from the theft.
Start by submitting a complaint to the FTC. This is a written report called an Identity Theft Affidavit. Next, take a copy of your affidavit, as well as any other documentation you have, and file a police report at your local police department. Then, get the report number or a copy of the police report. Finally, attach your FTC Identity Theft Affidavit to your police report. This is your Identity Theft Report. Keep a complete copy for your files.
Create a Tracking System
Depending on how many accounts the thief has access to, this can be a long, drawn-out process, so you need some way to monitor it to keep track of where you stand and what happens next. If it’s just one credit card, it can simply be closed and reissued. If it is more global to your financial world, you’ll have more to do to restore your security.
Create a folder, and possibly even a filing system, to keep track of everything, and place all documentation in this folder. When you need to send in documents, only send copies; keep the originals for your own files. Also, make copies of your identification, which you may need to include with some correspondence.
Create a log of telephone calls, recording the date and time of the call, the agency or organization you contacted, the person (or people) you spoke with, and any information or tracking numbers generated with each call. Before making calls, create a list of questions or issues you need to cover, so you don’t forget anything.
When you send correspondence, use certified mail, and request a return receipt. It’s well worth the extra postage.
Finally, create a timeline of deadlines you must meet. This includes when you filed requests, the name of the organization, and any follow-up dates. For example, fraud alerts last for 90 days. If your situation is not resolved within 90 days, your timeline reminds you to renew the fraud alert.
Having your identity stolen is a frightening prospect, but knowing what to look out for, and taking steps to protect yourself, helps calm some of those fears while guarding you against the dangers.