With each of us having so many online accounts, so many pieces of personal data drifting through cyberspace, and so much personal info freely available on social media, it’s never been easier for hackers to impersonate another person.
Identity theft is any instance where a criminal steals and uses some aspect of your personal identity (like your social security number, name, driver’s license number, or other personally identifying info) to commit fraud — usually for financial gain.
Here’s our guide to how identity theft happens, how to protect yourself, and what to do if you think your identity has been stolen in 2022.
How Does Identity Theft Happen?
Today, more and more critical transactions take place online.
You shop online with your credit card and address. You manage your health insurance dashboard and claims online. You dump personal photos and information into easily accessible social media profiles.
All of these are attractive targets for criminals looking to steal your identity. Without ever laying a finger on you, they can steal your money or commit fraud in your name using only a few simple pieces of information like your:
- Full name and address
- Insurance account numbers
- Credit card, banking, or ATM card numbers
- Mother’s maiden name
- And more
These data points can be stolen in any number of ways.
A few of the more common ways identity theft is committed are:
Malware on your computer
Malware can infiltrate your computer and gain access to all of your personal files and data, which will likely include plenty of personally identifying information.
Some forms of harmful malware, such as keystroke loggers, can capture your keystrokes to steal passwords and other private data — even as you type them into secure fields (like logging into your bank accounts online).
This one can be hard to swallow, since it’s not even your fault!
A company or organization you do business with could be the target of a cyber attack, leading to a data breach and your information getting into the wrong hands. A recent data breach of the credit bureau Equifax, for example, affected some 143 million consumers.
Often the only thing standing between you and full access to your account information is providing your name and address, or a simple security word like your mother’s maiden name.
Modern criminals with good people skills will use this to their advantage using a strategy called social engineering. They may call a merchant like Amazon pretending to be you and convince the service rep to confirm the last 4 digits of your credit card. Then, they may take those numbers and call your Internet provider to get another small piece of information. They’ll do this several times until they’ve pieced together enough data points to steal your identity.
This is a form of social engineering where you yourself are the target.
Suppose a criminal sends you an email posing as a representative from your credit card company, using a very convincing email address, template, and message. You may be tricked into handing over personal details under the guide of “verifying” them for security purposes.
Theft of credit card, mail, wallets, purses, etc.
Of course, there’s always the old-fashioned way of doing things.
Your losing track of physical objects that have sensitive information on them is a low-tech and easy way for criminals to steal your identity. It could be as simple as taking a credit card statement out of your recycling can or swiping your wallet from an open purse.
Once a thief has some or all of your private information, there are a few different kinds of theft or fraud they can commit.
Outside of the obvious forms (using your cash or credit under your name), watch out for these kinds of identity theft:
- Criminal: A person could use their knowledge of your identity to impersonate you in the event of a police interrogation after a crime.
- Medical – If a criminal can give basic information to a medical provider (like your name and address) along with your health insurance member or account number, they could receive medical services or prescription drugs while you get stuck with the bill.
- Tax: A thief could send false information to the IRS and steal your tax refund, leaving you to deal with the consequences of filing a fraudulent return.
- Social: It’s possible that someone could open a social media account online using your name, information, and photos. They could do this to hide their own identity or to purposefully impact your reputation.
- Child: You might not think kids with no money or assets would be at risk for identity theft, but you’d be wrong. Their clean credit histories are an appealing target for criminals looking to finance purchase or take out loans.
Identity theft can be out of your hands, as is the case in data breaches of big organizations like banks and credit bureaus.
But there are lots of great preventative measures that can seriously improve your ability to avoid identity theft. Let’s take a look.
Best Practices for Avoiding Identity Theft
Most people don’t think about identity theft until it’s too late. However, an ounce of prevention is worth an ocean of cure.
Try these safety practices to keep your identity safe in 2022.
Don’t carry your social security card with you every day
Your social security number is one of the biggest keys to unlocking your identity. Guard it closely.
Don’t bring your physical card with you unless you need it for a specific purpose. Otherwise, keep it locked away at home in a safety deposit box.
Guard your passwords
Never enter your banking, insurance, or other important passwords anywhere besides a secure password field (for example, when you’re logging in to view you credit card statement). Customer service representatives will almost never ask you to tell them your password over email or chat.
While you’re at it, create passwords (or update your old ones) that are longer and use complex characters. Passwords that use common words are more prone to being guessed or cracked by brute force attacks.
Protect your paper trail
Be very protective over bills and account statements that get delivered to your home. Pieces of them can easily be used to steal your identity.
Consider a locked mailbox with a simple opening for delivery. If you’re out of town, have trusted friends or family bring your mail in frequently so private bills and account statements aren’t sitting ducks.
When you’re ready to throw statements and bills away, shred them up before putting them out in the trash or recycling.
Review your banking and credit card activity frequently
A quick scan of your spending activity a few times per week should help you catch any charges you don’t recognize.
The sooner you catch them, the easier they’ll be to charged back or have removed.
Also, ask your providers about their fraud protections. Most credit cards and banks these days are pretty savvy when it comes to identifying suspicious activity.
Check your credit report annually
Your credit report is a good 1000-foot view of your financial health.
It’s not something you’ll be able to check daily, but give it some attention once a year and keep an eye out for big loans or debts taken out in your name that you weren’t aware of.
Use a strong antivirus software on your computer
With so many of your crucial transactions taking place online, your first line of defense should be protecting your digital data.
In addition to avoiding suspicious websites and downloads, you should install a reputable antivirus program to keep you safe from malware, ransomware, keylogger, and other viruses that could compromise your identity.
Here is our hand-picked and fully-tested list of the best antivirus software in 2022.
How to Know If You’ve Been a Victim of Identity Theft (And What to Do)
Sometimes it’s obvious when your personal information has been stolen, but other times the effects are far more subtle and may not become apparent to you until far down the road.
Here are some strange signs you might notice after you’ve been the victim of identity theft. In some cases, they could just be mistakes, but always follow up to be sure:
- Receiving bills for products or services you never received
- Charges on your credit card or bank statements you don’t recognize
- Strange activity on your credit report, like credit inquiries you never authorized or new lines of credit
- Reaching your medical benefit limits sooner than expected
- Notices from the IRS regarding income or tax returns you weren’t responsible for
The best thing to do if you notice some of these red flags and think your identity might be in nefarious hands is to file a report with the FTC at IdentityTheft.gov.
They’ll help you create a recovery plan and guide you in the process of having fraudulent bills, medical services, and other things removed from your record.
You can also report the crime to the police if you know who’s responsible and want to bring charges against that person.
Finally, follow up with your bank, insurance providers, or other organizations that might have been affected by the theft and notify them as soon as possible.
Keep Your Identity Safe
Identity theft can be a major headache for victims, who sometimes have to struggle for years to remove fraudulent debts or medical claims from their records.
The best thing to do is keep your personal information as safe as possible.
Be smart when browsing online, protect your computer with a strong antivirus, and keep a close guard on your sensitive paper documents.
Those three tips will go a long way toward keeping you safe in 2022 and beyond.