Identity theft can take many avenues, but they all end up with a thief trying to profit from possession of someone else’s personal information. Stopping it sounds simple: don’t let your personal information get away. Unfortunately, it is not always as simple as it sounds.
Always remember: Companies that need your personal information, such as account numbers or Social Security number, already have it and will not contact you to ask for it. If you get a telephone call from someone claiming to be your bank or a credit card company, and they ask for an account number or SSN, it’s bogus. Hang up.
Online, remember that legitimate companies will not ask you to click to a page to verify your account information. This is a phishing scam, designed to collect your information. If you feel you have to check your account after opening one of these e-mails, close your browser and reopen it before going to what you know to be the right web site. This should stop your keystrokes from being captured.
Along with this advice is to keep your antivirus and anti-spam software up to date. Some viruses or virus-like programs log your keystrokes and provide that data to a hacker. Others can e-mail information stored on your computer to some hacker or thief. This is aside from all of the nasty things a virus can do to damage your system, so it is just another reason to keep your protective software updated, and to use it religiously.
Some things to check with a questionable e-mail include the address line of the e-mail (“To:”), the salutation, the links, and the grammar. If the address line is to a different address, or to multiple addresses that are vaguely similar, it’s a scam. This means that someone is using a program to send this e-mail to a list of computer-generated names, so the sender does not even know whether or not your e-mail address exists unless you click on a link in the e-mail or reply, both of which you should avoid.
PayPal will address an e-mail to you personally, as will most any legitimate company. A scammer cannot do that, so the e-mail might read, “Hello, firstname.lastname@example.org,” (just inserting the address to which the e-mail was sent) or “Dear customer.” Scroll over the links in the e-mail, but DO NOT click. This should reveal the addresses to which they will take you. A phishing e-mail will go somewhere besides the company they claim sent the message. Finally, look at the grammar. English is a second (or third) language for many who work these schemes, and the grammar is often worse than an elementary student’s.
Offline, keep your passwords or PINs secure. Do not write your PIN on your ATM or debit card. Keep your receipts, and destroy them later (shred, burn, etc.) so that your account numbers are secure. Destroy unused financial solicitations so that no one else can apply for a card in your name. Make sure your mailbox is secure, and promptly remove mail after delivery. Identity thieves often pull bank statements or credit card applications out of mailboxes.
Online, protect your passwords by ensuring that they are more difficult to hack and collect. A hacker’s dream is to find someone using his or her name, or email address, or some other password so simple. Passwords that are more difficult to hack include upper and lower case letters, are not simply a common word, and are a combination of letters and numbers. Also, do not use the same password for everything on the Internet. You may love “Cat4ever” as a password, but if you use it for everything, then only one site has to be hacked for someone to access to everything. Just imagine the damage that could be done if someone gains access to an e-mail account of yours, and learns that you have the same password for eBay, your bank, your business computer, and whatever else you have out there.
Offline again, when you charge something in a restaurant or store, look at the receipt. If it has your card number on it, take a pen and thoroughly mark it out. The business has already run the card, so the number has already been charged. You do not need your credit card number and a sample of your signature left together on a table in a public place, right?
Check your credit on a regular basis, at least three times per year. Federal law now requires the major credit reporting companies to provide your own credit report to you free on request, once per year. There are three of these, Equifax (1-800-685-1111, or www.equifax.com), Experian (1-800-682-7654, or www.experian.com), and TransUnion (1-800-916-8800, or www.transunion.com).
Finally, keep a secure record of account numbers and company contacts, just in case the worst happens. If you discover that you are a victim of identity theft, immediately contact your credit union, bank, and/or credit card issuer(s) to notify them. Also contact the Social Security Fraud Hotline (1-800-269-0271) and the FTC Identity Theft Hotline (1-877-438-4338). Protecting your information and a quick response if you are a victim can keep the damage at a minimum, because an identity thief can clean out your accounts and destroy your credit before you know it happened.