12 Identity Theft Mistakes (how many have you made?)

Protect Yourself From Identity Theft

Identity theft is one of the most traumatic non-violent crimes to which one can fall victim. When a crook uses your good name to commit fraud or robbery, the impact on your reputation, employability, and credit is severe, and can last for years. It's even possible to find yourself arrested for crimes you did not commit. So it's important to protect yourself against identity thieves. Avoiding certain common mistakes is your first line of defense.

Javelin Strategy and Research says "the resurgence of higher-impact fraud types such as new account fraud, account takeover, and misuse of non-card accounts casts a shadow over the progress made in fighting card fraud." One major factor is the more than 3,150 data breaches at major corporations that had consumers vulnerable to phishing and other forms of fraud.

The telltale signs that your identity has been stolen can be subtle and may go unnoticed for months, even years. Inexplicable charges on your credit card bill may be chalked up to clerical errors. Letters from creditors you've never heard of and certainly never did business with may be ignored. But eventually, an enormous credit card bill, legal papers, or police show up at your door. You are denied a mortgage or a job. Then the real nightmare of proving "I didn't do it" begins.

It can be maddeningly difficult to clear your name, costing hundreds of hours and thousands of dollars. That's why it's important to take steps NOW to make it as difficult as possible for a scammer to victimize you. Take action as soon as possible if you're making any of the credit-related mistakes below, and you'll tips the scales in your favor:

1. Not checking your credit report on a regular basis, to see if there is any incorrect information, or accounts you don't recognize. Use this link to access the official US Goverment website: AnnualCreditReport.com, and you can get free credit reports online from Equifax, Experian and TransUnion.


2. Not shredding your sensitive personal documents before throwing them away. A battery-powered cross-cut shredder can render your banking and credit card information unreadable and costs less than $30. "Dumpster diving" is a favorite, low-tech way by which ID thieves collect bank statements, credit card numbers, Social Security Numbers, and other bits of your identity from your trash.


3. Trusting telephone solicitors asking for personal or financial information to "verify your identity." Common scams involve someone who claims to be from your bank or credit card company, claiming that there is a problem with your account. If you did not initiate the call, hang up and call the toll-free number on your statement, then ask for the security department. This happened to me, with callers claiming to be from my utility company and my bank called my unlisted number and asked for me by name. I Googled their number on the caller ID, and found that many others reported similar calls.


4. Failing to secure important documents, such as tax returns, birth certificates, social security cards, passports, life insurance policies and financial statements in your home. A fireproof safe is a good idea, but remember to bolt it to the floor or hide it well. Consider using encryption for your personal and financial data, in case your computer is lost or stolen. See my article Is it Time to Start Encrypting Your Files? for help getting started with encryption tools.


5. Being careless at the ATM? Make sure no one is looking over your shoulder when you enter your debit card's PIN at an ATM or point-of-sale terminal. I recommend the "two finger method" where you point two fingers at the ATM keypad, but only press with one. This makes it nearly impossible for someone nearby to discern your PIN while you're entering it. You should also be wary of "skimming" devices at ATMs and gas pumps, which can be used to steal your card information. See my article ATM Skimmer Scams On The Rise to learn how to identify these devices.


6. Writing your PINs, account numbers, and passwords on scraps of paper kept in your wallet, purse, or laptop case. A password manager will help in two ways: generating strong passwords, and automatically entering them on websites when needed. See my related articles How Hackable is Your Password?.


7. Failure to think before you click. Don't fall victim to "phishing" scams, which are attempts to trick you, by impersonating a person or institution you trust. These can come to you by email (sometimes with personal details gleaned through data breaches) or as popups while browsing the Web.


8. Getting blank checks delivered to your home mailbox from which they may be stolen. Pick them up at the bank branch instead. On a similar note, eliminate junk mail which may contain "convenience checks" and credit card offers that can also be intercepted from your mailbox. Visit OptOut Prescreen for help eliminating these dangerous nuisances. On a related note, consider going paperless with your bills and financial statements.


9. Not getting notified of new credit cards charges. Check to see if your online banking service has a feature to notify you by phone, text, or email when you when a credit card transaction exceeding some threshold occurs. Also, when you order a new credit or debit card, mark the calendar and follow up promptly if it does not arrive within 10 business days. Ask the card issuer if a change of address request was filed, and if you didn't do it, hit the panic button.


10. Sharing personal information on social media. Broadcasting your age, birthday, home address, or even your pet's name on Facebook and other social sites can make it easier for scammers to impersonate you. Some sites ask for these tidbits in order to play a game, or as answers to security questions. If it's none of their business, use a fake persona. You can be John Smith, age 42, with a dog named Snickers at 100 Main Street.
11. Divulging your Social Security Number to everyone that asks. Don't give your SSN to any business just because they need a "unique identifier" for you. Instead, ask if you can provide alternate proofs of identity, such as your driver's license or birth certificate. Exceptions to this rule would be employers, banks or landlords with a legitmate reason to do a credit check or withhold taxes.


12. Not using fraud alerts or credit freezes. Consider placing Fraud Alerts with the major credit bureaus, so new accounts cannot be opened without your knowledge. Call Equifax (800-525-6285), and they will pass along the request to both Experian and Trans Union. Fraud alerts expire after 90 days, so you can repeat the process quarterly, or lock down your credit file with a Credit Freeze. A freeze is permanent and free (in most U.S. states) but it may interfere with loans applications, employment screening, signing up for utility or phone service, new insurance policies, and other transactions.

There are plenty of common sense things you can do to protect against identity theft, but sometimes it's beyond the control of even the most vigilant. Data breaches perpetrated on healthcare companies, hotel chains, airlines, department stores, mobile phone providers, and social media firms are a "treasure trove" of data that could be used to commit identity theft and fraud. Here's a very interesting article detailing the 72 biggest data breaches of recent years, and what types of consumer data were affected.

What About LifeLock?

You may be considering LifeLock or a similar identity theft protection service. Although this can be helpful, no company can guarantee that identity theft will never happen. These services monitor your bank account, and look for suspicious online activity done in your name. They'll alert you if they spot any red flags and promise to help you repair the damage. But because of lawsuits filed by the credit bureaus, Lifelock can no longer place fraud alerts on your behalf.

It can be a nuisance to manage fraud alerts manually. But given the recent focus by scammers on new account fraud and account takeover fraud, a service such as LifeLock, Identity Guard or IdentityForce may still be useful. The downside is that most cost $10-$20 a month, and none of them can claim to prevent all forms of identity theft.

Do you have other tips for avoiding identity theft? Post your comment or question below...