It’s not easy protecting your identity these days. According to a report from Javelin Strategy & Research, a new case of identity fraud occurred every two seconds in the U.S., in 2013.
That’s a 33% increase over what was reported in the previous year’s Javelin report which calculated there was a new ID theft victim every 3 seconds in 2012. That’s a shocking year-over-year increase, and 2014 doesn’t look any better.
So what is a consumer to do?
There is no single magic bullet. Instead, the best way to fight ID theft is to stay vigilant in all your actions – online and offline.
It means using a quality cross-shredder to destroy every piece of paper with sensitive personal or financial information every single time. It means keeping wallets, purses, bills, credit cards, Social Security cards, and any other sensitive material away from prying eyes – as up to 47% of U.S. identity theft victims each year can ‘thank’ family members, friends or someone else they know, for their plight. Learn more in What To Do When Your Identity Is Stolen By Someone You Know.
It means preventing malware on all your devices by ensuring you keep your security software up-to-date on every single internet-connected device. And, it requires understanding that security software alone is not enough to protect your devices; you also have to know how to identify spam, scams, malicious links, and dangerous attachments, so you don’t escort malware past your security defenses. Learn more in 11 Steps to Avoid Spam and Phishing Scams and How Scam Savvy are You? Smart Scammers Up the Ante.
It means always using strong, unique passwords and PINs for each account, and keeping this information private. Learn how in Password Perfect – Make Strong Passwords Every Time and 12 Steps to Stronger PINs. It includes restricting the number of accounts you create to those you actually need to minimize your risk of hacking. If you aren’t going to be a frequent user of a website, don’t create an account; just use the site as a ‘guest’. And, it means using a payment service like PayPal so that even if hackers break into the database of a company or organization with which you have an account, they won’t be able to access your financial information.
It means monitoring your bills, bank statements, and credit card expenditures at least monthly to check for suspicious or fraudulent charges and taking action immediately if something is wrong. And, it means proactively defending your credit by freezing your credit so that no new credit can be given without additional information and controls.
It also means managing the information you share online through social media, surveys, polls, quizzes, and contests, so that you keep sensitive information private. Think about it: if the ‘only’ information you share is your name, city, and birth date (‘today’s my birthday!’), a determined identity thief can look up your address, find your birth certificate, and look up the first and second sets of numbers on your Social Security card, and then the last four digits are not hard to hack, or find. To illustrate how quickly seemingly ‘harmless’ pieces of data expose highly sensitive data, look at how Social Security numbers are created:
SSNs have three sections; the first three numbers represent the state in which the SSN was issued (after 1972 they represent the zip code). Anything between 001-003 and before 1972 for example, is issued in New Hampshire. The tables showing the mapping of location to these assigned numbers are public record. If I know where you were born, I know these digits.
The second set of numbers in the social Security String represents a specific window of time during which the number was generated, quickly identifying the age of the legitimate SSN recipient. If I know the year you were born, or your age, I know these digits.
The last four digits are the only random numbers – and ironically those are the ones you’re asked to provide most frequently. Knowing how SSNs are created, criminals can easily hack the last four digits, but they can also likely find them online as most people share them so frequently.
Few consumers think through the sensitivity of, and the need to protect, information as seemingly harmless as email addresses, names, ages, locations, birth dates and their daily routines. Yet each piece of information, when combined with other seemingly harmless pieces of information can cause a great deal of damage. And this risk is compounded by the ever-increasing pool of ‘friends’ consumers accept into their social circle where they share even more information about themselves.
In this newly released table by Edison Research, you can see that all but the 65+ age group increased the number of ‘friends’ they have on Facebook. It’s time for a reality check – 18-24 year olds do not have an average of 649 trusted friends who could be able to discover so much about them. I’d challenge the number of ‘friends’ that should have access to private information in every age group.
Yes, it is now a pain to protect your ID from theft, but the alternative isn’t nearly as pleasant. Identity theft protection services are a good tool to use, but nothing can replace your own caution and vigilance.