Identity theft is one of the fastest-growing crimes in America. It claimed 16.7 million victims in 2017 alone, and the number is growing each year.
We seem to hear of major data breaches affecting millions of people, or even tens of millions, on a regular basis.
And that’s in addition to the millions of individual cases of identity theft.
So, what is identity theft, what different forms does it take, and what can you do to protect yourself?
What is Identity Theft?
Identity theft is any situation in which your personal information is used without your authorization for the benefit of another party or group of individuals.
What makes identity theft a particularly complicated crime is its stealth nature. In most cases, you won’t be aware your identity has been compromised until well after the fact.
An example is when a fraudulent account appears on your credit report. Once that happens, it confirms the theft actually occurred well before the account was opened. And unless you check your credit report regularly, you may not even be aware of how long the account has been open. The actual theft of your identity took place weeks or months before.
The more fortunate episodes of identity theft – if such a thing can be said – is when a single individual steals your identity and uses it for his or her own purposes. Those situations are much more easily contained.
But a far more severe event is when your information has been stolen and is being sold to multiple parties. If you’re the victim of this kind of theft, all types of unauthorized activity are likely to happen. And it probably won’t be limited to opening new loans or credit cards.
In the first situation, the problem can usually be remedied by closing the fraudulently opened account, then putting a freeze on your credit reports.
But in the second scenario, you may need to get a new Social Security number, which is a complicated process.
Types of Identity Theft
The answer to the question, what is identity theft, doesn’t have a single solution. That’s because identity theft comes in many different forms.
The most common include:
- Credit Card Theft: The thief obtains your name, credit card number, expiration date, and security code, then uses the card to make unauthorized purchases.
- ATM Card Skimming: ATM card skimming is when thieves install devices on bank ATMs and gasoline station pumps to get the information on your debit card.
- Medical Identity Theft: A thief obtains your health insurance card and uses it to get medical care or prescriptions.
- Unsecure Web Activity: Certain questionable websites may install tracking software on your computer. Alternatively, if you make a financial transaction on an unsecured site, unintended third parties may have access to the information.
- Malware: This is one type of tracking software thieves may install on your computer. It can be used to spy on your computer activity, including obtaining sensitive ID information.
- Phishing schemes: This is when you receive an email that looks exactly like it comes from a business you regularly deal with, such as your bank. You can know it’s a phishing scheme because they’ll ask for sensitive information, like account numbers or your Social Security number. If it’s a financial institution or business you deal with regularly, they already have this information on file and shouldn’t need to ask for it.
- Mail Theft: A thief can simply steal from your mailbox, and get important information, like a credit card- and bank account numbers.
- Data Breaches: These are the big stories you read about in the media, where the identity of millions of people is compromised in a single hit. In many cases, the data will be sold to unscrupulous third parties, often on the Dark Web.
The Consequences of Identity Theft
Given the many forms identity theft takes, it’s easy to see why it’s such a complex problem to prevent.
The consequences are far-reaching, and can include any of the following, among many others:
- Applying For Credit In Your Name: It’s bad enough if a thief gets access to your credit card information and begins making charges. But if he or she obtains your personal information, especially your Social Security number, entirely new credit cards can be opened, or new personal loans applied for. The thief will get the benefit of whatever the credit provided, but you’ll be stuck with the obligation.
- Stealing Funds From a Deposit or Investment Account: If a thief obtains your account information, he or she can use it to clean out your account. This can apply to investment accounts and even retirement accounts, in addition to bank accounts.
- Engage in income tax refund fraud: Income tax fraud is a fast-growing side of the identity theft crisis. The thief obtains your name, address, and Social Security number, then applies for a big tax refund, which is then directed to the thief’s bank account. The tax return is filed very early in the year, before you’re likely to file your own. You won’t know about it until you receive a notice from the IRS. Fortunately, they have an entire process set up to deal with this problem.
- File Health Insurance Claims: We touched on this in the previous section, but a thief can obtain medical services in your name by stealing your health insurance card.
- Sell Your Information to Other Thieves. The variety of parties your information can be sold to is limitless. This risk multiplies the potential for any of the problems above.
Once again, this is just a sampling – many other outcomes are possible.
How to Protect Yourself from Identity Theft
There are many ways you can protect yourself from identity theft, but none are entirely foolproof. Each area of your life and financial dealings will need its own set of strategies.
- Anti-virus software. Adding one to your computer can prevent the installation of malicious software on your system, including malware.
- VPN service. A virtual private network, such as SiteLock, is a service that will enable you to browse the web without giving away the identity of your computer. That will prevent thieves from getting access to both your browsing history and your computer.
- Store sensitive information in encrypted files only. Information should never be stored in a general folder on your computer. Anyone with access to your computer could get that information.
- Destroy old technology. You may no longer need old computers and smartphones, but they represent a treasure trove of information to a thief. Be sure to destroy or dispose of any such technology properly. Simply selling it or throwing it in the trash is not an acceptable practice.
- Monitor your credit regularly. Your credit score is about more than just bragging rights or getting the best interest rates on loans. It also indicates the appearance of new credit. As soon as this is reported, you should move immediately to stop it. A good credit monitoring service will give you that ability.
- Put a freeze or security alert on your credit report. You can do this by contacting the three major credit bureaus, Experian, TransUnion, and Equifax. A freeze will prevent any new credit, while a security alert will require you be contacted directly for any new activity.
- Store important documents under lock and key. This includes the actual statements, credit and loan statements, income tax returns, and other current information that shows account numbers and your Social Security number. You should similarly store important permanent documents, like contracts, deeds, divorce decrees or other court documents, insurance policies, and loan agreements. Never leave documents with personal identifying information where anyone can access it.
- Invest in a shredder. Unless a document needs to be preserved for an extended period of time, it should be shredded. Never toss an important document in the trash. “Dumpster divers” have been known to retrieve it from your trash receptacle.
- Never provide information in response to an email. If you get an email from a financial institution or company you do business with, access their website through a random web search. Never respond through the link in the email.
- Avoid paying bills by mail. Every time you put a check in the mail, you create a target for identity thieves. All they need to do is steal a bill payment, open the envelope, and take the check. They’ll then have complete access to your bank account.
- Make payments only on secure websites. These should be companies you normally deal with, through secure websites. A secure website is one that includes “https” in the URL. If it’s simply “http,” it isn’t a secure site, and you should not send payment.
- Stay alert! Your radar should be up any time you’re dealing with sensitive information online, on the phone, at an ATM, or anywhere else you can think of. Some thieves are able to gather information just by observing your behavior. Be sure you’re not cooperating.
What to Do If You’re a Victim of Identity Theft
What if, in spite of your best efforts, you still become a victim of identity theft? Unfortunately, there’s no single solution to the problem. You’ll need to implement a series of strategies and do it as quickly as possible.
Speed is particularly important. The sooner you respond to the first hint of identity theft, the less damage the thief is likely to do. You’ll be able to short-circuit the theft early in the process and minimize the damage. But if you wait, even just a few weeks, the crisis can spin out of control quickly.
At the first sign of identity theft, be prepared to do any or all of the following:
- Contact the affected account institution. If you detect fraudulent activity on a credit card or bank account, or the opening of an unauthorized new account, contact the institution immediately and have them freeze the account. Financial institutions have time limits to report fraudulent activity for reimbursement purposes.
- Freeze your credit. That will prevent a thief from using your identity to obtain more credit.
- Set up a fraud alert. Like a credit freeze, you’ll also do this through the three credit bureaus. It will alert lenders that you have been a victim of identity fraud, and not to approve credit for new accounts in your name.
- For health insurance fraud. Contact your health insurance company immediately. They’ll usually notify you of a pending claim. If you respond promptly, they can deny the claim and even help you work out a resolution with the healthcare provider.
- Change your passwords immediately. Though you can’t know if the information breach happened online, it’s better to be safe by changing your passwords to prevent re-access to any financial accounts you have. Also, be sure to make your passwords complicated.
Contact the Authorities
Though you may think of identity theft as a personal crisis, never forget that it’s also a crime. If you’re a victim, be sure to report it to the proper authorities.
- Report the incident to the local police. The police probably won’t be able to do anything to stop it or even recover your lost funds. But it will create an official report of the incident, which may be needed during the recovery process.
- Report the incident to the Federal Trade Commission. You’ll do this through IdentityTheft.gov, where you’ll create a report, develop a recovery plan, and get valuable information to help you in the process.
- For tax refund fraud. Contact the IRS immediately after getting a notice from them informing you that a return has already been filed for you for the tax year in question. You’ll then need to complete IRS Form 14039, Identity Theft Affidavit. The IRS has a whole procedure in place to deal with tax refund fraud, though it will take several months to complete the process.
Using an Identity Theft Protection Service to Help
If you’ve been a victim of identity theft in the past, or you’re afraid you’re at high risk, the best strategy will be to sign up for an identity theft protection service.
They don’t guarantee you absolute protection against identity theft – no one can make that claim – but they do add extra levels of protection that you can’t implement yourself.
The fee for using an identity theft protection service will vary from one provider to another. In addition, nearly every provider offers different plan levels.
You may get a basic identity theft protection plan at a low fee, a premium plan providing every possible protection at a higher fee, and often a third option that offers a balance of services that fit somewhere in between.
Typical protections offered by identity theft protection services commonly include the following:
- Live support.
- Assistance by restoration specialists if your identity is compromised.
- Continuous credit monitoring (offered with some services, but not all).
- Insurance to cover losses due to identity theft, as well as the cost of legal services often necessary in the process.
- Credit and bank alerts.
- Dark Web monitoring.
- Social Security monitoring – you’ll be alerted any time your Social Security number is accessed for any reason.
- United States Postal Service address change notifications.
- Takeover of bank accounts with your name on them.
- The appearance of your name on a sex offender registry.
Not all identity theft protection services offer all the above services, though some offer others not listed. You’ll need to carefully evaluate the type of protective services you want, versus the cost of the service.
These can range anywhere from a few dollars a month to a few hundred dollars per year.
Popular Identity Theft Protection Services
There are dozens of identity theft protection companies providing service.
But some of the most popular include the following:
If you’re not sure which service to use, check the web for reviews of each. Be sure to read several reviews, and not rely on just one per service.
How Can You Avoid Identity Theft?
As you can see, just as there is no single source of identity theft, there’s also no one solution. As the saying goes, an ounce of prevention is worth a pound of cure. That old saying has a particularly important meaning when it comes to identity theft. The best solutions are the ones you implement before identity theft becomes a problem.
Start by being more alert in all your business dealings and transactions. Identity theft isn’t a random crime that only affects a small number of other people. Anyone can be a victim, including you. What makes it even worse is that you’re almost never aware of the crime when it occurs. It’s only when the repercussions of the theft hit that you know you’ve been affected.
It may sound paranoid, but it’s important to be extra careful in all that you do. The thief isn’t someone you’ll recognize. In fact, he or she probably would never stand out in a crowd. Sometimes it’s an insider, someone inside the organizations you’re doing business with. You can’t prevent every incident, but you can take basic steps. Monitor your credit, add an antivirus program, and even VPN software to your computer, store your information very carefully, and consider signing up for an identity theft protection service.
There are no guarantees, of course, but every little bit helps.