A stolen identity can ruin your life. You could wake up one morning and find your bank accounts empty, or find yourself locked out of them. You might have a surprise lien on your house. You could even wake to the police pounding on your door, if some malefactor committed a crime using your identity details. How can you head off these potential disasters? Here are some simple tips that can help you foil identity thieves. None of these will guarantee your safety against a hacker who has targeted you personally, but so many people fail to protect themselves that most criminals go for the easy marks. These ten tips can help make sure you, and your identity, aren’t among the chumps.
1. Shred, Shred, Shred
Never discard or recycle bank statements, bills, or any document that contains your personal information. Invest in a home document shredder, and use it. When in doubt, shred! It worked for Ollie North, and it can work for you, too.
2. Secure Your Documents
You don’t need constant hands-on access to vital documents like birth certificates, tax returns, social security cards, and so on. Keep those in a fireproof home safe or lockbox. That’s a better choice than a bank safe-deposit box. Box contents aren’t insured for their full value, the boxes aren’t guaranteed proof against fire or disaster, and banks have been known to drill out boxes and remove their contents without notice.
But don’t stop there—get a lockbox for your digital docs as well! By using encryption software, you can ensure that a snoop who gains access to your computer won’t be able to see your sensitive documents, much less read them.
3. Power Up Your Passwords
A breach at any secure site could conceivably reveal your login credentials to thieves, so you should always change your password after a breach. But what if you’ve used that same password on dozens of other sites? That’s bad, very bad. Hackers and thieves know that people are lazy, so when they get hold of a set of login credentials for one popular site, they quickly try them on others. You can minimize the collateral damage by using a different strong password for every secure site. Of course, you’ll need a password manager to keep them straight.
4. Remember, Loose Lips Sink Ships
You can’t avoid providing personal information when you want certain things, for example, a mortgage, or a new insurance account. At that time, though, you’ve initiated the process, and you’ve verified you’re dealing with a legitimate company. When a company contacts you asking for personal info, whether by snail-mail, email, or phone, zip your lip. If you feel the contact might be legitimate, ask for a way to contact them after you’ve done some investigating.
5. Don’t Be Fooled by Scammers
It’s nice to get help from tech support for any computer problems you may have. Don’t be fooled, though, by self-proclaimed tech support experts who contact you by phone, email, or otherwise. Yes, they may claim that your computer is sending out viruses. They may insist that you’ll be in big trouble if you don’t have them clean it. They’ll come up with any wild story, but eventually they’ll start asking for passwords, or requesting remote access to your computer. Hang up.
6. Lock Your Phone
That smartphone in your pocket is an identity thief’s dream. It has your email, IM, social media, and other apps, potentially logged in and available. It contains personal data galore, including all your contacts. A thief who has access to your phone owns your identity, period.
You absolutely must use a strong authentication method to lock the phone. A four-digit PIN just won’t cut it, nor will a too-simple swipe pattern. Your best bet is biometric authentication, such as fingerprint or facial recognition like that offered by the iPhone 12, backed by a seriously strong passcode.
7. Don’t Get Hooked by Phishing Frauds
Getting a data-stealing Trojan installed on millions of computers is hard work. It’s much easier to simply trick victims into giving away their credentials. Phishing websites mimic banking and other sensitive sites, in hopes that some poor sap will enter his username and password. They may even redirect to the actual site, so you don’t realize you’ve been robbed of your credentials.
Don’t give your identity away. If you get an email apparently from your bank, don’t click any links. Instead, log on to the bank’s site directly. Look for a secure HTTPS URL and lock icon, and be sure the URL in the address bar is correct. And if your antivirus or browser flags a site as fraudulent, stay away!
Phishing is a problem in the workplace, too. In an attack dubbed spear phishing, malefactors craft extremely convincing emails, designed to fool employees or executives into giving away their passwords, or even transferring money into shady accounts. Stay alert when using your work email, too.
8. Install Protection
Nobody should use a PC or laptop without the protection of a powerful antivirus, or even an entire security suite. A few security suites include antitheft protection for laptops; there are also standalone utilities that can lock down a lost or stolen laptop and even help recover it. Security products for mobile devices tend to combine antivirus and antitheft. Android devices are particularly vulnerable, but any device can get lost or stolen, so install protection.
Don’t stop there; install a Virtual Private Network, or VPN, as well. Your local security software protects your data on your own devices, while the VPN protects it as it travels the internet. Using a VPN also serves to hide your personal IP address, thereby preventing websites from identifying your location based on that address.
9. Avoid Oversharing
Sharing your posts and pictures with your circle of social media friends is fun, but you might be sharing with identity thieves if you’re not careful. It’s very important to correctly secure your social media. Check your privacy settings from time to time, as the social media services are fond of making changes.
For an eye-opening experience, download your data from Facebook and other social media sites. Seeing what’s already out there may inspire you to lock down your account more thoroughly.
10. Get Free Credit Reports
You’re eligible for one free credit report per year from each of the big three credit agencies. You can sign up for reports from TransUnion, Equifax, and Experian at www.annualcreditreport.com. Yes, the Equifax breach exposed personal data for 143 million Americans, but that breach didn’t put the company out of business. Pro tip: don’t get the reports all at once. Get one at a time, four months apart. That will give you better coverage overall. Also consider signing up for the free, ad-supported Credit Karma service, which keeps a watchful eye on your credit score.
One more thought. You’ve surely seen advertisements that promise protection against identity theft. In truth, these services can’t prevent identity theft, but they can be a great help when you’re dealing with the consequences. Consider exactly what identity theft protection services do (and don’t do), and then decide whether you’re willing to pay for the service.
You don’t have to turn your life upside down to protect against identity theft. Follow these ten simple tips and you’ll have a very good chance of thwarting theft.